Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Viruses/trojans/etc...i Got Them All In One Convenient 15 Kb Package


  • This topic is locked This topic is locked
15 replies to this topic

#1 Dober

Dober

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:06:07 PM

Posted 28 June 2006 - 05:48 PM

Okay, so I accidentally downloaded a 15kb file when I was searching for programs on limewire (I promise I wasn't looking for porn, I know better than that!), and when I opened it up, It was a slew of viruses. I have managed to get 90% due to multiple uses of adaware, spybot, and cwshredder, but there are a few nasties left that come on before adaware/spybot due when they run at system startup. Here's my Hijack this Log:
Logfile of HijackThis v1.99.1
Scan saved at 5:41:10 PM, on 6/28/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\QnJhZCBEb2Jlcg\command.exe
C:\Program Files\Network Monitor\netmon.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\HijackThis 1.99.1\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.findthewebsiteyouneed.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.mrfindalot.com/search.asp?si=20065&k=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.mrfindalot.com/search.asp?si=20065&k=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - C:\Program Files\SurfSideKick 3\SskBho.dll
F2 - REG:system.ini: Shell=Explorer.exe, C:\WINDOWS\system32\pjbvq.exe
F2 - REG:system.ini: UserInit=userinit.exe,afiabll.exe
O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINDOWS\nem220.dll
O2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet6_38.dll
O2 - BHO: (no name) - {51839DBE-FB3D-427A-8425-9139303E3AB4} - C:\Program Files\NetMeeting\hotepyk.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Yvakt Class - {AE0ECC2F-0C33-494C-8B22-B57A7763027F} - C:\WINDOWS\system32\x3cqp0.dll
O2 - BHO: (no name) - {E5E2A3E7-00FE-4D31-A030-A10799DDCA66} - (no file)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [outlook] C:\Program Files\outlook\outlook.exe /auto
O4 - HKLM\..\Run: [winlog] winlog.exe
O4 - HKLM\..\Run: [{B9-9E-EB-B3-ZN}] c:\windows\system32\dwdsregt.exe GID003
O4 - HKLM\..\Run: [ftexc] C:\WINDOWS\system32\mptft.exe
O4 - HKLM\..\Run: [Hhl7RfpJ] "C:\WINDOWS\system32\ssn6tuu.exe"
O4 - HKLM\..\Run: [IpWins] C:\Program Files\ipwins\ipwins.exe
O4 - HKLM\..\Run: [keyboard] c:\\kybrdc_2.exe
O4 - HKLM\..\Run: [defender] c:\\dfndrc_2.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [BrowserUpdateSched] C:\WINDOWS\system32\twinqqez.exe GID003
O4 - HKLM\..\Run: [newname] c:\\nwnmc_2.exe
O4 - HKLM\..\Run: [ACTX1] C:\WINDOWS\v1201.exe
O4 - HKLM\..\Run: [mkklitaA] C:\WINDOWS\mkklitaA.exe
O4 - HKLM\..\Run: [TheMonitor] C:\WINDOWS\SYSC00.exe
O4 - HKLM\..\Run: [sys01399794509-] C:\WINDOWS\sys01399794509-.exe
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Documents and Settings\Brad\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,NewDotNetStartup -s
O4 - HKLM\..\RunServices: [winlog] winlog.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [Tpap] "C:\PROGRA~1\COMMON~1\FNTS~1\winspool.exe" -vt yazr
O4 - HKCU\..\Run: [Kizxr] C:\WINDOWS\system32\CROSOF~1\ANREGW~1.EXE
O4 - HKCU\..\Run: [TClock.exe] C:\Program Files\TClock\tclock_install.exe
O4 - HKCU\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O4 - Startup: XFX Game Controller.lnk = ?
O4 - Startup: Zeno.lnk = C:\WINDOWS\system32\twinqqez.exe
O4 - Startup: Z_Start.lnk = C:\WINDOWS\system32\prdsregq.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1144422573946
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B0D5005F-B493-426C-A066-8243F4466A72}: NameServer = 216.114.28.3,64.83.160.45
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Filter: text/html - {DA28E0DB-229C-4003-827E-96AE15AD90FB} - C:\WINDOWS\system32\x3cqp0.dll
O20 - AppInit_DLLs: repairs303169590.dll,lsass.dll
O20 - Winlogon Notify: SharedDLLs - C:\WINDOWS\system32\mbacm32.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\QnJhZCBEb2Jlcg\command.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Windows Overlay Components - Unknown owner - C:\WINDOWS\mkklita.exe

Any help would be great, because I got on this by using task manager to open an application, because my desktop no longer comes up (they're getting worse)....

Dober

BC AdBot (Login to Remove)

 


#2 Dober

Dober
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:06:07 PM

Posted 28 June 2006 - 08:25 PM

Sorry, I put this in the wrong folder/group thing. Here's a new hijackthis log if you want to take a looksee. (I've been working on a couple myself)

Logfile of HijackThis v1.99.1
Scan saved at 8:15:47 PM, on 6/28/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\explorer.exe
C:\Program Files\HijackThis 1.99.1\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.mrfindalot.com/search.asp?si=20065&k=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.mrfindalot.com/search.asp?si=20065&k=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - C:\Program Files\SurfSideKick 3\SskBho.dll
F2 - REG:system.ini: Shell=Explorer.exe, C:\WINDOWS\system32\pjbvq.exe
F2 - REG:system.ini: UserInit=userinit.exe,afiabll.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Yvakt Class - {AE0ECC2F-0C33-494C-8B22-B57A7763027F} - C:\WINDOWS\system32\x3cqp0.dll (file missing)
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [{B9-9E-EB-B3-ZN}] c:\windows\system32\dwdsregt.exe GID003
O4 - HKLM\..\Run: [winlog] winlog.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [TheMonitor] C:\WINDOWS\SYSC00.exe
O4 - HKLM\..\Run: [sys01399794509-] C:\WINDOWS\sys01399794509-.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [outlook] C:\Program Files\outlook\outlook.exe /auto
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [keyboard] c:\\kybrdc_2.exe
O4 - HKLM\..\Run: [ftexc] C:\WINDOWS\system32\mptft.exe
O4 - HKLM\..\Run: [defender] c:\\dfndrc_2.exe
O4 - HKLM\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O4 - HKLM\..\RunServices: [winlog] winlog.exe
O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKLM\..\RunOnce: [I8FZWor] "C:\WINDOWS\system32\gbe90qs.exe" -Ho61xAVDI
O4 - HKCU\..\Run: [Tpap] "C:\PROGRA~1\COMMON~1\FNTS~1\winspool.exe" -vt yazr
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [Kizxr] C:\WINDOWS\system32\CROSOF~1\ANREGW~1.EXE
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1144422573946
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B0D5005F-B493-426C-A066-8243F4466A72}: NameServer = 216.114.28.3,64.83.160.45
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: repairs303169590.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

Thanks again!
Dober

#3 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:01:07 AM

Posted 29 June 2006 - 07:12 AM

Hello,

I notice that you do not seem to be running Antivirus software and a Firewall. This is somewhat suicidal in today's digital world.
That's why I want you to install them first!!

AVG, Avira OR Avast are good FREE antivirus.
Never install more than one antivirusscanner or firewall on your system! Several together can give problems and decrease the reliability of it seriously!
Zonealarm, Agnitum Outpost Free OR Kerio are FREE firewalls.

Understanding and using firewalls

It is important you don't miss a step and perform everything in the right order!!

Go to start > controlpanel > software > add/remove programs and uninstall next if present:

Surfsidekick
Forethought
Quicklinks
Oin
Yazzle by Oin
Purityscan by Oin
Snowballwars by Oin
Cowabanga by OIN
or anything similar with Oin in it.


If OIN not listed, download and run this uninstaller.

Reboot when done! Really important!

* Download Brute Force Uninstaller.
Unzip it to a folder of itís own (c:\BFU).
Read here how to unzip/extract properly:
http://metallica.geekstogo.com/xpcompressedexplanation.html
Start the Brute Force Uninstaller by doubleclicking BFU.exe

Next to the 'scriptfile to execute'-window you'll see a little icon as shown in next picture: Posted Image
When you click that icon, a little window will open that says: 'Please enter the full URL to the sript you want to execute'
In the field, copy and paste next URL:

http://metallica.geekstogo.com/alcanshorty.bfu

Click Ok.
Then click execute in Brute Force Uninstaller.

Extra note:
If nothing happens after pressing the Execute button, this means that the script didn't download. In that case, download the script
( alcanshorty.bfu ) manually from above url ( rightclick on it and choose 'save as' and save it in your BFU-folder). Then start BFU.exe again and click the browse button next to the 'scriptfile to execute'-window
Browse to the script you downloaded and Click Ok and Execute in Brute Force Uninstaller.


Wait for the complete script execution box to popup and press OK.
Press exit to terminate the BFU program.

-------------------------

* Download Combofix to your desktop.
Doubleclick combo.exe
Follow the prompts.
Don't click on the window while the fix is running, because that will cause your system to hang.

When finished and after reboot, it should open a log, combofix.txt.
Post this log in your next reply together with a new hijackthislog.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#4 Dober

Dober
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:06:07 PM

Posted 30 June 2006 - 07:06 PM

alright, I did what you said, and here's the results:
Start Time= Fri 06/30/2006 19:03:05.57
Running from: C:\Documents and Settings\Brad\Desktop

QuickScan did not find any signs of infected files

(((((((((((((((((((((((((((((((((((((((((((((((( Qoologic's Log ))))))))))))))))))))))))))))))))))))))))))))))))))))))

19:01:31.84

Qoologic uninstaller found and executed
Registry entries fixed


((((((((((((((((((((((((((((((((((((((((((((((((((( Ssk's Log ))))))))))))))))))))))))))))))))))))))))))))))))))))))))


C:\WINDOWS\system32\repairs303169590.dll
C:\Documents and Settings\Brad\Local Settings\Temporary Internet Files\Ssk.log
C:\Program Files\SurfSideKick 3\Ssk.exe
C:\Program Files\SurfSideKick 3\SskBho.dll
C:\Program Files\SurfSideKick 3\SskCore.dll


* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *



19:02:26.93
((((((((((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))))))


C:\Documents and Settings\LocalService\Application Data\NetMon


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2006-06-30 18:58:04 1063 ( A.... ) "C:\WINDOWS\system32\kzq908f1.sys"
2006-06-30 18:58:04 1063 ( A.... ) "C:\WINDOWS\system32\kzq908f1.sys"
2006-06-30 18:24:20 0 ( A.... ) "C:\Documents and Settings\Brad\Application Data\internaldb41.dat"
2006-06-30 18:12:06 183296 ( A.S.. ) "C:\WINDOWS\NDNuninstall7_22.exe"
2006-06-30 17:50:42 32768 ( A.... ) "C:\WINDOWS\hiilzbrj.exe"
2006-06-30 17:42:10 33012 ( A.... ) "C:\WINDOWS\system32\tpuninstall.exe"
2006-06-30 17:41:22 208896 ( A.... ) "C:\WINDOWS\system32\x3cqp0.dll"
2006-06-30 17:40:54 232749 ( A.... ) "C:\WINDOWS\pf78.exe"
2006-06-30 17:40:28 38412 ( A.... ) "C:\WINDOWS\ssqbn.exe"
2006-06-30 17:40:08 61440 ( A.... ) "C:\WINDOWS\system32\kzq908f1.dll"
2006-06-30 17:39:44 48167 ( A.... ) "C:\WINDOWS\system32\VSL05.exe"
2006-06-30 17:39:32 29696 ( A.... ) "C:\WINDOWS\system32\w00826ca.dll"
2006-06-30 17:38:22 184829 ( A.... ) "C:\WINDOWS\srvgntjiir.exe"
2006-06-30 17:38:22 32976 ( A.... ) "C:\WINDOWS\system32\uninstIcn.exe"
2006-06-30 17:38:22 ( .D... ) "C:\Program Files\PSHope"
2006-06-30 17:38:20 235134 ( A.... ) "C:\WINDOWS\srvzbxzfpg.exe"
2006-06-28 20:26:44 ( .D... ) "C:\Program Files\InterMute"
2006-06-28 17:36:32 8464 ( A.... ) "C:\WINDOWS\system32\sporder.dll"
2006-06-28 17:33:10 ( .D... ) "C:\Program Files\Common Files\T?sks"
2006-06-27 22:11:16 ( .D... ) "C:\Program Files\HijackThis 1.99.1"
2006-06-27 20:41:56 ( .D... ) "C:\Documents and Settings\Brad\Application Data\Lavasoft"
2006-06-27 20:41:52 ( .D... ) "C:\Program Files\Lavasoft"
2006-06-27 20:24:00 0 ( A.... ) "C:\WINDOWS\win32099-399794502006.exe"
2006-06-27 19:28:12 ( .D... ) "C:\Program Files\Common Files\rmzm"
2006-06-27 19:25:40 28672 ( A.... ) "C:\WINDOWS\system32ftuninst.exe"
2006-06-27 19:25:40 28672 ( A.... ) "C:\WINDOWS\system32\gbe90qs.exe"
2006-06-27 19:25:40 28672 ( A.... ) "C:\WINDOWS\system32\ftuninst.exe"
2006-06-27 19:23:46 105472 ( A.... ) "C:\WINDOWS\ms0594509-39972006.exe"
2006-06-27 19:21:40 81920 ( A.... ) "C:\WINDOWS\system32\lsass.dll"
2006-06-27 19:18:12 ( .D... ) "C:\Program Files\Windows"
2006-06-27 12:46:32 ( .D... ) "C:\Documents and Settings\Brad\Application Data\Sun"
2006-06-21 16:51:30 ( .D... ) "C:\Program Files\Java"
2006-06-21 16:40:30 ( .D... ) "C:\Program Files\Common Files\Java"
2006-06-21 16:39:58 ( .D... ) "C:\Program Files\LimeWire"
2006-06-20 19:55:26 389120 ( A.... ) "C:\WINDOWS\system32\nodeipproc.dll"
2006-06-16 16:48:56 ( .D... ) "C:\Program Files\Common Files\xing shared"
2006-06-16 16:48:54 176167 ( A.... ) "C:\WINDOWS\system32\rmoc3260.dll"
2006-06-16 16:48:52 278528 ( A.... ) "C:\WINDOWS\system32\pncrt.dll"
2006-06-16 16:48:52 6656 ( A.... ) "C:\WINDOWS\system32\pndx5016.dll"
2006-06-16 16:48:52 5632 ( A.... ) "C:\WINDOWS\system32\pndx5032.dll"
2006-06-16 16:48:52 ( .D... ) "C:\Program Files\Real"
2006-06-16 16:48:52 ( .D... ) "C:\Program Files\Common Files\Real"
2006-06-16 16:48:34 ( .D... ) "C:\Documents and Settings\Brad\Application Data\Real"
2006-06-15 15:26:44 1142784 ( A.... ) "C:\WINDOWS\system32\ssn6tuu.exe"
2006-06-15 15:26:40 24576 ( A.... ) "C:\WINDOWS\system32\nr1rnqm8.exe"
2006-06-09 18:47:20 ( .D... ) "C:\Program Files\eXeem"
2006-06-09 18:39:16 ( .D... ) "C:\Program Files\Alcohol Soft"
2006-06-09 18:33:42 284 ( A.... ) "C:\Documents and Settings\Brad\Application Data\ViewerApp.dat"
2006-06-09 18:01:26 50 ( A.... ) "C:\AUTOEXEC.BAT"
2006-06-09 18:00:48 ( .D... ) "C:\Program Files\PIXELA"
2006-06-09 17:58:04 ( .D... ) "C:\Program Files\Common Files\muvee Technologies"
2006-06-09 17:58:02 ( .D... ) "C:\Program Files\Sony Corporation"
2006-06-08 18:19:52 5967776 ( A.... ) "C:\WINDOWS\system32\MRT.exe"
2006-06-07 11:18:12 126976 ( A.... ) "C:\WINDOWS\War3Unin.exe"
2006-06-07 11:15:02 ( .D... ) "C:\Program Files\Warcraft III"
2006-06-01 13:47:08 163840 ( A.... ) "C:\WINDOWS\system32\jgdw400.dll"
2006-06-01 13:47:08 27648 ( A.... ) "C:\WINDOWS\system32\jgpl400.dll"
2006-05-30 18:09:20 24576 ( A.... ) "C:\WINDOWS\Uninstall.exe"
2006-05-29 10:30:34 1494016 ( A.... ) "C:\WINDOWS\system32\shdocvw.dll"
2006-05-19 10:08:32 3052544 ( A.... ) "C:\WINDOWS\system32\mshtml.dll"
2006-05-18 00:24:26 450560 ( A.... ) "C:\WINDOWS\system32\jscript.dll"
2006-05-15 15:41:50 ( .D... ) "C:\Program Files\Mediafour"
2006-05-14 12:34:06 81920 ( ....R ) "C:\WINDOWS\bwUnin-6.1.4.61-8876480L.exe"
2006-05-14 12:22:18 ( .D... ) "C:\Program Files\Common Files\Logitech"
2006-05-14 12:22:16 ( .D... ) "C:\Program Files\Logitech"
2006-05-14 03:44:08 181248 ( A.... ) "C:\WINDOWS\system32\rasmans.dll"
2006-05-13 13:57:54 ( .D... ) "C:\Documents and Settings\Brad\Application Data\Ahead"
2006-05-13 13:56:04 ( .D... ) "C:\Program Files\Nero"
2006-05-13 13:56:04 ( .D... ) "C:\Program Files\Common Files\Ahead"
2006-05-11 03:23:24 24576 ( A.... ) "C:\WINDOWS\system32\xpsp3res.dll"
2006-05-10 17:16:14 43520 ( A.... ) "C:\WINDOWS\system32\CmdLineExt03.dll"
2006-05-10 00:23:04 658432 ( A.... ) "C:\WINDOWS\system32\wininet.dll"
2006-05-10 00:23:02 613888 ( A.... ) "C:\WINDOWS\system32\urlmon.dll"
2006-05-10 00:23:02 532480 ( A.... ) "C:\WINDOWS\system32\mstime.dll"
2006-05-10 00:23:02 474112 ( A.... ) "C:\WINDOWS\system32\shlwapi.dll"
2006-05-10 00:23:02 448512 ( A.... ) "C:\WINDOWS\system32\mshtmled.dll"
2006-05-10 00:23:02 146432 ( A.... ) "C:\WINDOWS\system32\msrating.dll"
2006-05-10 00:23:02 39424 ( A.... ) "C:\WINDOWS\system32\pngfilt.dll"
2006-05-10 00:23:00 1054208 ( A.... ) "C:\WINDOWS\system32\danim.dll"
2006-05-10 00:23:00 1022976 ( A.... ) "C:\WINDOWS\system32\browseui.dll"
2006-05-10 00:23:00 357888 ( A.... ) "C:\WINDOWS\system32\dxtmsft.dll"
2006-05-10 00:23:00 251392 ( A.... ) "C:\WINDOWS\system32\iepeers.dll"
2006-05-10 00:23:00 205312 ( A.... ) "C:\WINDOWS\system32\dxtrans.dll"
2006-05-10 00:23:00 151040 ( A.... ) "C:\WINDOWS\system32\cdfview.dll"
2006-05-10 00:23:00 96256 ( A.... ) "C:\WINDOWS\system32\inseng.dll"
2006-05-10 00:23:00 55808 ( ..... ) "C:\WINDOWS\system32\extmgr.dll"
2006-05-10 00:23:00 16384 ( A.... ) "C:\WINDOWS\system32\jsproxy.dll"
2006-05-08 22:27:36 ( .D... ) "C:\Program Files\QuickTime"
2006-05-04 20:48:18 1682 ( A.SH. ) "C:\WINDOWS\system32\KGyGaAvL.sys"
2006-05-04 20:48:18 56 ( ..SHR ) "C:\WINDOWS\system32\0DC1A8A69D.sys"
2006-05-04 20:48:16 ( .D... ) "C:\Program Files\DivX"
2006-05-04 16:29:50 ( .D... ) "C:\Program Files\Spybot - Search & Destroy"
2006-05-04 16:06:06 47564 ( A.... ) "C:\ntdetect.com"
2006-04-29 06:07:48 5533696 ( A.... ) "C:\WINDOWS\system32\wmp.dll"
2006-04-16 22:35:20 60416 ( A.... ) "C:\WINDOWS\ALCFDRTM.EXE"
2006-04-10 13:00:34 555824 ( ..... ) "C:\WINDOWS\system32\LegitCheckControl.dll"
2006-04-10 13:00:30 144688 ( ..... ) "C:\WINDOWS\system32\WgaLogon.dll"
2006-04-10 13:00:28 186672 ( ..... ) "C:\WINDOWS\system32\WgaTray.exe"
2006-04-07 18:43:56 107134 ( A.... ) "C:\WINDOWS\UninstallFirefox.exe"


((((((((((((((((((((((((((((((((((((((((( Files Created - Last 90days ))))))))))))))))))))))))))))))))))))))))))))))


2006-06-30 18:12 183,296 C:\WINDOWS\NDNuninstall7_22.exe
2006-06-30 17:50 32,768 C:\WINDOWS\hiilzbrj.exe
2006-06-30 17:42 33,012 C:\WINDOWS\system32\tpuninstall.exe
2006-06-30 17:41 24,576 C:\WINDOWS\system32\nr1rnqm8.exe
2006-06-30 17:41 208,896 C:\WINDOWS\system32\x3cqp0.dll
2006-06-30 17:41 1,142,784 C:\WINDOWS\system32\ssn6tuu.exe
2006-06-30 17:40 38,412 C:\WINDOWS\ssqbn.exe
2006-06-30 17:40 1,063 C:\WINDOWS\system32\kzq908f1.sys
2006-06-30 17:39 61,440 C:\WINDOWS\system32\kzq908f1.dll
2006-06-30 17:39 48,167 C:\WINDOWS\system32\VSL05.exe
2006-06-30 17:39 29,696 C:\WINDOWS\system32\w00826ca.dll
2006-06-30 17:38 32,976 C:\WINDOWS\system32\uninstIcn.exe
2006-06-30 17:38 235,134 C:\WINDOWS\srvzbxzfpg.exe
2006-06-30 17:38 184,829 C:\WINDOWS\srvgntjiir.exe
2006-06-28 17:36 8,464 C:\WINDOWS\system32\sporder.dll
2006-06-27 20:23 0 C:\WINDOWS\win32099-399794502006.exe
2006-06-27 19:25 28,672 C:\WINDOWS\system32ftuninst.exe
2006-06-27 19:25 28,672 C:\WINDOWS\system32\gbe90qs.exe
2006-06-27 19:25 28,672 C:\WINDOWS\system32\ftuninst.exe
2006-06-27 19:21 81,920 C:\WINDOWS\system32\lsass.dll
2006-06-27 19:21 232,749 C:\WINDOWS\pf78.exe
2006-06-27 19:21 105,472 C:\WINDOWS\ms0594509-39972006.exe
2006-06-22 17:58 49,250 C:\WINDOWS\system32\javaw.exe
2006-06-22 17:58 49,248 C:\WINDOWS\system32\java.exe
2006-06-22 17:58 127,078 C:\WINDOWS\system32\javaws.exe
2006-06-20 19:55 389,120 C:\WINDOWS\system32\nodeipproc.dll
2006-06-16 16:48 6,656 C:\WINDOWS\system32\pndx5016.dll
2006-06-16 16:48 5,632 C:\WINDOWS\system32\pndx5032.dll
2006-06-16 16:48 278,528 C:\WINDOWS\system32\pncrt.dll
2006-06-16 16:48 176,167 C:\WINDOWS\system32\rmoc3260.dll
2006-06-09 18:46 306,688 C:\WINDOWS\IsUninst.exe
2006-06-09 17:58 89,360 C:\WINDOWS\system32\VB5DB.DLL
2006-06-09 17:58 854,528 C:\WINDOWS\system32\Ltwvc12n.dll
2006-06-09 17:58 78,336 C:\WINDOWS\system32\LFFAX12n.DLL
2006-06-09 17:58 43,008 C:\WINDOWS\system32\lfgif12n.dll
2006-06-09 17:58 41,472 C:\WINDOWS\system32\LTTWN12n.DLL
2006-06-09 17:58 406,528 C:\WINDOWS\system32\LTKRN12n.DLL
2006-06-09 17:58 314,880 C:\WINDOWS\system32\LFCMP12n.DLL
2006-06-09 17:58 278,528 C:\WINDOWS\system32\LTDIS12n.DLL
2006-06-09 17:58 25,600 C:\WINDOWS\system32\lfavi12n.dll
2006-06-09 17:58 227,840 C:\WINDOWS\system32\LTEFX12n.DLL
2006-06-09 17:58 166,400 C:\WINDOWS\system32\LTIMG12n.DLL
2006-06-09 17:58 155,648 C:\WINDOWS\system32\LFTIF12n.DLL
2006-06-09 17:58 122,368 C:\WINDOWS\system32\LTFIL12n.DLL
2006-06-09 17:58 121,856 C:\WINDOWS\system32\lfmpg12n.dll
2006-06-09 17:56 53,248 C:\WINDOWS\system32\SONYHCY.DLL
2006-06-07 11:18 126,976 C:\WINDOWS\War3Unin.exe
2006-05-30 18:09 24,576 C:\WINDOWS\Uninstall.exe
2006-05-14 12:34 81,920 C:\WINDOWS\bwUnin-6.1.4.61-8876480L.exe
2006-05-14 12:22 97,792 C:\WINDOWS\system32\LGUICOM.DLL
2006-05-14 12:22 94,208 C:\WINDOWS\system32\FEELIT.DLL
2006-05-14 12:22 3,568 C:\WINDOWS\system32\LMOUSE16.DLL
2006-05-14 12:22 23,372 C:\WINDOWS\system32\LCoInst.Dll
2006-05-14 12:22 20,992 C:\WINDOWS\LOGI_MWX.EXE
2006-05-14 12:22 16,896 C:\WINDOWS\system32\LMOUSE32.DLL
2006-05-14 12:22 155,648 C:\WINDOWS\system32\ifc21.dll
2006-05-14 12:22 152,064 C:\WINDOWS\system32\lmoufrc.dll
2006-05-14 12:22 104,960 C:\WINDOWS\system32\COMNCTR.DLL
2006-05-08 22:27 86,016 C:\WINDOWS\unvise32qt.exe
2006-05-04 20:48 56 C:\WINDOWS\system32\0DC1A8A69D.sys
2006-05-04 20:48 1,682 C:\WINDOWS\system32\KGyGaAvL.sys
2006-05-03 21:25 11,776 C:\WINDOWS\system32\spnpinst.exe
2006-04-27 19:27 9,600 C:\WINDOWS\system32\hidusb.sys
2006-04-27 19:27 720,896 C:\WINDOWS\system32\XFX_page.dll
2006-04-27 19:27 65,572 C:\WINDOWS\system32\XFX_ffb.dll
2006-04-27 19:27 33,152 C:\WINDOWS\system32\hidclass.sys
2006-04-27 19:27 23,680 C:\WINDOWS\system32\hidparse.sys
2006-04-27 18:36 43,520 C:\WINDOWS\system32\CmdLineExt03.dll
2006-04-16 22:35 60,416 C:\WINDOWS\ALCFDRTM.EXE
2006-04-16 18:33 90,112 C:\WINDOWS\system32\SCCD3X02.DLL
2006-04-16 18:33 131,072 C:\WINDOWS\system32\SCCD3X01.DLL
2006-04-10 13:00 555,824 C:\WINDOWS\system32\LegitCheckControl.dll
2006-04-10 13:00 186,672 C:\WINDOWS\system32\WgaTray.exe
2006-04-10 13:00 144,688 C:\WINDOWS\system32\WgaLogon.dll
2006-04-07 18:43 107,134 C:\WINDOWS\UninstallFirefox.exe
2006-04-07 12:05 77,312 C:\WINDOWS\system32\browser.dll
2006-04-07 12:05 614,912 C:\WINDOWS\system32\h323msp.dll
2006-04-07 12:05 5,967,776 C:\WINDOWS\system32\MRT.exe
2006-04-07 12:05 39,936 C:\WINDOWS\system32\mf3216.dll
2006-04-07 12:05 332,288 C:\WINDOWS\system32\netapi32.dll
2006-04-07 12:05 331,264 C:\WINDOWS\system32\ipnathlp.dll
2006-04-07 12:04 956,416 C:\WINDOWS\system32\msdtctm.dll
2006-04-07 12:04 91,136 C:\WINDOWS\system32\mtxoci.dll
2006-04-07 12:04 66,560 C:\WINDOWS\system32\mtxclu.dll
2006-04-07 12:04 625,152 C:\WINDOWS\system32\catsrvut.dll
2006-04-07 12:04 60,416 C:\WINDOWS\system32\colbact.dll
2006-04-07 12:04 581,120 C:\WINDOWS\system32\rpcrt4.dll
2006-04-07 12:04 540,160 C:\WINDOWS\system32\comuid.dll
2006-04-07 12:04 426,496 C:\WINDOWS\system32\msdtcprx.dll
2006-04-07 12:04 397,824 C:\WINDOWS\system32\rpcss.dll
2006-04-07 12:04 243,200 C:\WINDOWS\system32\es.dll
2006-04-07 12:04 239,104 C:\WINDOWS\system32\srrstr.dll
2006-04-07 12:04 225,792 C:\WINDOWS\system32\catsrv.dll
2006-04-07 12:04 161,280 C:\WINDOWS\system32\msdtcuiu.dll
2006-04-07 12:04 110,080 C:\WINDOWS\system32\clbcatex.dll
2006-04-07 12:04 101,376 C:\WINDOWS\system32\txflog.dll
2006-04-07 12:04 1,285,120 C:\WINDOWS\system32\ole32.dll
2006-04-07 12:04 1,267,200 C:\WINDOWS\system32\comsvcs.dll
2006-04-07 12:02 26,112 C:\WINDOWS\system32\xpsp1hfm.exe
2006-04-07 11:02 90,112 C:\WINDOWS\SOUNDMAN.EXE
2006-04-07 11:02 40,960 C:\WINDOWS\system32\ChCfg.exe
2006-04-07 11:02 307,200 C:\WINDOWS\alcupd.exe
2006-04-07 11:02 212,992 C:\WINDOWS\alcrmv.exe
2006-04-07 11:02 156,672 C:\WINDOWS\system32\RTLCPAPI.dll
2006-04-07 11:02 10,458,112 C:\WINDOWS\system32\RTLCPL.EXE
2006-04-07 10:59 9,728 C:\WINDOWS\system32\bdco1ins.dll
2006-04-07 10:59 9,728 C:\WINDOWS\system32\bdco1.dll
2006-04-07 10:59 466,944 C:\WINDOWS\system32\CapabilityTable.exe
2006-04-07 10:59 33,280 C:\WINDOWS\system32\nvconrmins.dll
2006-04-07 10:59 33,280 C:\WINDOWS\system32\nvconrm.dll
2006-04-07 10:59 33,280 C:\WINDOWS\system32\NVCOI.DLL
2006-04-07 10:59 289,792 C:\WINDOWS\system32\idecoins.dll
2006-04-07 10:59 289,792 C:\WINDOWS\system32\idecoi.dll
2006-04-07 10:59 202,240 C:\WINDOWS\system32\fdco1ins.dll
2006-04-07 10:59 202,240 C:\WINDOWS\system32\fdco1.dll
2006-04-07 10:59 176,128 C:\WINDOWS\system32\nvusmb.exe
2006-04-07 10:59 176,128 C:\WINDOWS\system32\nvunrm.exe
2006-04-07 10:59 176,128 C:\WINDOWS\system32\NVUNINST.EXE
2006-04-07 10:59 176,128 C:\WINDOWS\system32\nvuide.exe
2006-04-07 10:49 50 C:\AUTOEXEC.BAT
2006-04-07 10:49 112,128 C:\WINDOWS\system32\mapi32.dll
2006-04-07 10:49 0 C:\MSDOS.SYS
2006-04-07 10:49 0 C:\IO.SYS
2006-04-07 10:49 0 C:\CONFIG.SYS
2006-04-07 10:47 64,512 C:\WINDOWS\system32\acctres.dll
2006-04-07 10:47 16,384 C:\WINDOWS\system32\icfgnt5.dll
2006-04-07 10:47 12,288 C:\WINDOWS\system32\nmevtmsg.dll
2006-04-07 10:47 11,264 C:\WINDOWS\system32\atrace.dll
2006-04-07 10:46 97,792 C:\WINDOWS\system32\comrepl.dll
2006-04-07 10:46 9,728 C:\WINDOWS\system32\reset.exe
2006-04-07 10:46 80,384 C:\WINDOWS\system32\charmap.exe
2006-04-07 10:46 73,216 C:\WINDOWS\system32\avwav.dll
2006-04-07 10:46 605,696 C:\WINDOWS\system32\getuname.dll
2006-04-07 10:46 56,832 C:\WINDOWS\system32\sol.exe
2006-04-07 10:46 55,296 C:\WINDOWS\system32\freecell.exe
2006-04-07 10:46 54,272 C:\WINDOWS\system32\stclient.dll
2006-04-07 10:46 5,632 C:\WINDOWS\system32\write.exe
2006-04-07 10:46 5,120 C:\WINDOWS\system32\dcomcnfg.exe
2006-04-07 10:46 44,544 C:\WINDOWS\system32\hticons.dll
2006-04-07 10:46 4,096 C:\WINDOWS\system32\rdpcfgex.dll
2006-04-07 10:46 4,096 C:\WINDOWS\system32\mtxex.dll
2006-04-07 10:46 35,328 C:\WINDOWS\system32\winchat.exe
2006-04-07 10:46 33,792 C:\WINDOWS\system32\regini.exe
2006-04-07 10:46 25,600 C:\WINDOWS\system32\comaddin.dll
2006-04-07 10:46 25,088 C:\WINDOWS\system32\mtxlegih.dll
2006-04-07 10:46 227,840 C:\WINDOWS\system32\avtapi.dll
2006-04-07 10:46 22,016 C:\WINDOWS\system32\qwinsta.exe
2006-04-07 10:46 20,992 C:\WINDOWS\system32\msg.exe
2006-04-07 10:46 20,480 C:\WINDOWS\system32\mtxdm.dll
2006-04-07 10:46 16,896 C:\WINDOWS\system32\tsshutdn.exe
2006-04-07 10:46 16,896 C:\WINDOWS\system32\qappsrv.exe
2006-04-07 10:46 16,384 C:\WINDOWS\system32\tskill.exe
2006-04-07 10:46 16,384 C:\WINDOWS\system32\avmeter.dll
2006-04-07 10:46 15,872 C:\WINDOWS\system32\rwinsta.exe
2006-04-07 10:46 15,872 C:\WINDOWS\system32\cdmodem.dll
2006-04-07 10:46 15,360 C:\WINDOWS\system32\logoff.exe
2006-04-07 10:46 147,456 C:\WINDOWS\system32\comsnap.dll
2006-04-07 10:46 14,848 C:\WINDOWS\system32\tsdiscon.exe
2006-04-07 10:46 14,848 C:\WINDOWS\system32\tscon.exe
2006-04-07 10:46 14,848 C:\WINDOWS\system32\shadow.exe
2006-04-07 10:46 138,752 C:\WINDOWS\system32\sndvol32.exe
2006-04-07 10:46 126,976 C:\WINDOWS\system32\mshearts.exe
2006-04-07 10:46 124,184 C:\WINDOWS\system32\wuauclt.exe
2006-04-07 10:46 119,808 C:\WINDOWS\system32\winmine.exe
2006-04-07 10:46 114,688 C:\WINDOWS\system32\calc.exe
2006-04-07 10:46 1,343,768 C:\WINDOWS\system32\wuaueng.dll
2006-04-07 10:46 1,161 C:\WINDOWS\system32\usrlogon.cmd
2006-04-07 10:40 994,304 C:\WINDOWS\system32\msgina.dll
2006-04-07 10:40 99,840 C:\WINDOWS\system32\advpack.dll
2006-04-07 10:40 99,328 C:\WINDOWS\system32\winscard.dll
2006-04-07 10:40 984,576 C:\WINDOWS\system32\syssetup.dll
2006-04-07 10:40 983,552 C:\WINDOWS\system32\setupapi.dll
2006-04-07 10:40 983,552 C:\WINDOWS\system32\kernel32.dll
2006-04-07 10:40 98,304 C:\WINDOWS\system32\slbiop.dll
2006-04-07 10:40 98,304 C:\WINDOWS\system32\ahui.exe
2006-04-07 10:40 97,280 C:\WINDOWS\system32\loadperf.dll
2006-04-07 10:40 96,768 C:\WINDOWS\system32\srvsvc.dll
2006-04-07 10:40 96,768 C:\WINDOWS\system32\psbase.dll
2006-04-07 10:40 96,768 C:\WINDOWS\system32\dpcdll.dll
2006-04-07 10:40 96,256 C:\WINDOWS\system32\occache.dll
2006-04-07 10:40 95,744 C:\WINDOWS\system32\scardsvr.exe
2006-04-07 10:40 95,744 C:\WINDOWS\system32\mqsec.dll
2006-04-07 10:40 94,720 C:\WINDOWS\system32\iphlpapi.dll
2006-04-07 10:40 94,208 C:\WINDOWS\system32\odbcint.dll
2006-04-07 10:40 93,696 C:\WINDOWS\system32\tscfgwmi.dll
2006-04-07 10:40 92,672 C:\WINDOWS\system32\wlnotify.dll
2006-04-07 10:40 92,672 C:\WINDOWS\system32\dskquota.dll
2006-04-07 10:40 92,224 C:\WINDOWS\system32\krnl386.exe
2006-04-07 10:40 92,168 C:\WINDOWS\system32\rdpdd.dll
2006-04-07 10:40 91,648 C:\WINDOWS\system32\xactsrv.dll
2006-04-07 10:40 91,136 C:\WINDOWS\system32\ntprint.dll
2006-04-07 10:40 90,624 C:\WINDOWS\system32\trkwks.dll
2006-04-07 10:40 90,624 C:\WINDOWS\system32\mydocs.dll
2006-04-07 10:40 9,728 C:\WINDOWS\system32\gpkrsrc.dll
2006-04-07 10:40 9,344 C:\WINDOWS\system32\framebuf.dll
2006-04-07 10:40 9,216 C:\WINDOWS\system32\scrnsave.scr
2006-04-07 10:40 9,216 C:\WINDOWS\system32\proxycfg.exe
2006-04-07 10:40 89,600 C:\WINDOWS\system32\smlogsvc.exe
2006-04-07 10:40 89,088 C:\WINDOWS\system32\rasauto.dll
2006-04-07 10:40 89,088 C:\WINDOWS\system32\mqlogmgr.dll
2006-04-07 10:40 884,736 C:\WINDOWS\system32\msimsg.dll
2006-04-07 10:40 875,008 C:\WINDOWS\system32\netplwiz.dll
2006-04-07 10:40 87,552 C:\WINDOWS\system32\fldrclnr.dll
2006-04-07 10:40 87,176 C:\WINDOWS\system32\rdpwsx.dll
2006-04-07 10:40 87,040 C:\WINDOWS\system32\mprapi.dll
2006-04-07 10:40 86,016 C:\WINDOWS\system32\netsh.exe
2006-04-07 10:40 86,016 C:\WINDOWS\system32\msapsspc.dll
2006-04-07 10:40 858,624 C:\WINDOWS\system32\tapi3.dll
2006-04-07 10:40 85,504 C:\WINDOWS\system32\makecab.exe
2006-04-07 10:40 85,504 C:\WINDOWS\system32\diantz.exe
2006-04-07 10:40 85,504 C:\WINDOWS\system32\catsrvps.dll
2006-04-07 10:40 84,992 C:\WINDOWS\system32\avifil32.dll
2006-04-07 10:40 84,480 C:\WINDOWS\system32\mciavi32.dll
2006-04-07 10:40 84,480 C:\WINDOWS\system32\cabview.dll
2006-04-07 10:40 831,519 C:\WINDOWS\system32\mswdat10.dll
2006-04-07 10:40 83,456 C:\WINDOWS\system32\olepro32.dll
2006-04-07 10:40 83,456 C:\WINDOWS\system32\dpvsetup.exe
2006-04-07 10:40 825,344 C:\WINDOWS\system32\d3dim700.dll
2006-04-07 10:40 82,944 C:\WINDOWS\system32\ws2_32.dll
2006-04-07 10:40 82,432 C:\WINDOWS\system32\dmscript.dll
2006-04-07 10:40 82,432 C:\WINDOWS\system32\dfrgfat.exe
2006-04-07 10:40 815,104 C:\WINDOWS\system32\mmc.exe
2006-04-07 10:40 81,920 C:\WINDOWS\system32\isign32.dll
2006-04-07 10:40 81,920 C:\WINDOWS\system32\ils.dll
2006-04-07 10:40 80,896 C:\WINDOWS\system32\netui0.dll
2006-04-07 10:40 80,384 C:\WINDOWS\system32\iccvid.dll
2006-04-07 10:40 80,384 C:\WINDOWS\system32\faultrep.dll
2006-04-07 10:40 8,704 C:\WINDOWS\system32\dciman32.dll
2006-04-07 10:40 8,704 C:\WINDOWS\system32\batt.dll
2006-04-07 10:40 8,452,096 C:\WINDOWS\system32\shell32.dll
2006-04-07 10:40 8,192 C:\WINDOWS\system32\rasadhlp.dll
2006-04-07 10:40 8,192 C:\WINDOWS\system32\ntlsapi.dll
2006-04-07 10:40 8,192 C:\WINDOWS\system32\igmpagnt.dll
2006-04-07 10:40 8,192 C:\WINDOWS\system32\d3d8thk.dll
2006-04-07 10:40 8,192 C:\WINDOWS\system32\bitsprx2.dll
2006-04-07 10:40 792,064 C:\WINDOWS\system32\comres.dll
2006-04-07 10:40 78,848 C:\WINDOWS\system32\msiexec.exe
2006-04-07 10:40 78,336 C:\WINDOWS\system32\tlntsess.exe
2006-04-07 10:40 78,336 C:\WINDOWS\system32\browsewm.dll
2006-04-07 10:40 77,824 C:\WINDOWS\system32\shrpubw.exe
2006-04-07 10:40 77,824 C:\WINDOWS\system32\cliconfg.dll
2006-04-07 10:40 77,312 C:\WINDOWS\system32\sdbinst.exe
2006-04-07 10:40 77,312 C:\WINDOWS\system32\rtcshare.exe
2006-04-07 10:40 764,928 C:\WINDOWS\system32\winntbbu.dll
2006-04-07 10:40 76,800 C:\WINDOWS\system32\nslookup.exe
2006-04-07 10:40 755,200 C:\WINDOWS\system32\ir50_32.dll
2006-04-07 10:40 75,776 C:\WINDOWS\system32\wiascr.dll
2006-04-07 10:40 75,776 C:\WINDOWS\system32\telnet.exe
2006-04-07 10:40 75,264 C:\WINDOWS\system32\inetpp.dll
2006-04-07 10:40 74,752 C:\WINDOWS\system32\storprop.dll
2006-04-07 10:40 74,752 C:\WINDOWS\system32\spoolss.dll
2006-04-07 10:40 74,752 C:\WINDOWS\system32\cryptdlg.dll
2006-04-07 10:40 74,240 C:\WINDOWS\system32\usbui.dll
2006-04-07 10:40 74,240 C:\WINDOWS\system32\unimdmat.dll
2006-04-07 10:40 74,240 C:\WINDOWS\system32\mscms.dll
2006-04-07 10:40 733,696 C:\WINDOWS\system32\qedwipes.dll
2006-04-07 10:40 73,728 C:\WINDOWS\system32\icwdial.dll
2006-04-07 10:40 73,728 C:\WINDOWS\system32\fdeploy.dll
2006-04-07 10:40 73,216 C:\WINDOWS\system32\tlntsvr.exe
2006-04-07 10:40 723,456 C:\WINDOWS\system32\userenv.dll
2006-04-07 10:40 721,920 C:\WINDOWS\system32\lsasrv.dll
2006-04-07 10:40 72,704 C:\WINDOWS\system32\msw3prt.dll
2006-04-07 10:40 72,704 C:\WINDOWS\system32\magnify.exe
2006-04-07 10:40 713,728 C:\WINDOWS\system32\opengl32.dll
2006-04-07 10:40 713,216 C:\WINDOWS\system32\sxs.dll
2006-04-07 10:40 71,680 C:\WINDOWS\system32\ssdpsrv.dll
2006-04-07 10:40 71,680 C:\WINDOWS\system32\msacm32.dll
2006-04-07 10:40 71,680 C:\WINDOWS\system32\dsdmoprp.dll
2006-04-07 10:40 708,096 C:\WINDOWS\system32\ntdll.dll
2006-04-07 10:40 704,512 C:\WINDOWS\system32\ss3dfo.scr
2006-04-07 10:40 701,440 C:\WINDOWS\system32\msxml2.dll
2006-04-07 10:40 70,656 C:\WINDOWS\system32\mmcbase.dll
2006-04-07 10:40 70,656 C:\WINDOWS\system32\amstream.dll
2006-04-07 10:40 70,144 C:\WINDOWS\system32\sigverif.exe
2006-04-07 10:40 7,424 C:\WINDOWS\system32\kd1394.dll
2006-04-07 10:40 7,168 C:\WINDOWS\system32\tlntsvrp.dll
2006-04-07 10:40 7,168 C:\WINDOWS\system32\bitsprx3.dll
2006-04-07 10:40 69,632 C:\WINDOWS\system32\scarddlg.dll
2006-04-07 10:40 69,632 C:\WINDOWS\system32\raschap.dll
2006-04-07 10:40 69,632 C:\WINDOWS\system32\odbcconf.exe
2006-04-07 10:40 69,632 C:\WINDOWS\system32\msconf.dll
2006-04-07 10:40 69,120 C:\WINDOWS\system32\notepad.exe
2006-04-07 10:40 69,120 C:\WINDOWS\system32\msctfp.dll
2006-04-07 10:40 69,120 C:\WINDOWS\system32\ciodm.dll
2006-04-07 10:40 69,120 C:\WINDOWS\notepad.exe
2006-04-07 10:40 68,768 C:\WINDOWS\system32\mmsystem.dll
2006-04-07 10:40 68,608 C:\WINDOWS\system32\digest.dll
2006-04-07 10:40 68,096 C:\WINDOWS\system32\webclnt.dll
2006-04-07 10:40 68,096 C:\WINDOWS\system32\shgina.dll
2006-04-07 10:40 68,096 C:\WINDOWS\system32\adsmsext.dll
2006-04-07 10:40 679,936 C:\WINDOWS\system32\sstext3d.scr
2006-04-07 10:40 679,424 C:\WINDOWS\system32\inetcomm.dll
2006-04-07 10:40 67,584 C:\WINDOWS\system32\sti.dll
2006-04-07 10:40 67,584 C:\WINDOWS\system32\srclient.dll
2006-04-07 10:40 67,584 C:\WINDOWS\system32\osuninst.dll
2006-04-07 10:40 67,584 C:\WINDOWS\system32\openfiles.exe
2006-04-07 10:40 67,072 C:\WINDOWS\system32\rdshost.exe
2006-04-07 10:40 67,072 C:\WINDOWS\system32\ntdsapi.dll
2006-04-07 10:40 660,992 C:\WINDOWS\system32\mqqm.dll
2006-04-07 10:40 657,920 C:\WINDOWS\system32\rasdlg.dll
2006-04-07 10:40 655,360 C:\WINDOWS\system32\mstscax.dll
2006-04-07 10:40 65,536 C:\WINDOWS\system32\wextract.exe
2006-04-07 10:40 65,536 C:\WINDOWS\system32\shimeng.dll
2006-04-07 10:40 65,536 C:\WINDOWS\system32\odbccu32.dll
2006-04-07 10:40 65,536 C:\WINDOWS\system32\odbccr32.dll
2006-04-07 10:40 65,536 C:\WINDOWS\system32\icwphbk.dll
2006-04-07 10:40 65,024 C:\WINDOWS\system32\nwwks.dll
2006-04-07 10:40 65,024 C:\WINDOWS\system32\asycfilt.dll
2006-04-07 10:40 640,000 C:\WINDOWS\system32\dbghelp.dll
2006-04-07 10:40 64,000 C:\WINDOWS\system32\samlib.dll
2006-04-07 10:40 64,000 C:\WINDOWS\system32\cleanmgr.exe
2006-04-07 10:40 63,488 C:\WINDOWS\system32\cryptnet.dll
2006-04-07 10:40 63,488 C:\WINDOWS\system32\cmstp.exe
2006-04-07 10:40 63,488 C:\WINDOWS\system32\browselc.dll
2006-04-07 10:40 622,080 C:\WINDOWS\system32\netcfgx.dll
2006-04-07 10:40 62,976 C:\WINDOWS\system32\pautoenr.dll
2006-04-07 10:40 62,976 C:\WINDOWS\system32\iesetup.dll
2006-04-07 10:40 62,464 C:\WINDOWS\system32\rdpclip.exe
2006-04-07 10:40 619,008 C:\WINDOWS\system32\dx7vb.dll
2006-04-07 10:40 616,960 C:\WINDOWS\system32\advapi32.dll
2006-04-07 10:40 614,429 C:\WINDOWS\system32\mswstr10.dll
2006-04-07 10:40 611,328 C:\WINDOWS\system32\comctl32.dll
2006-04-07 10:40 610,304 C:\WINDOWS\system32\sspipes.scr
2006-04-07 10:40 61,440 C:\WINDOWS\system32\tlntadmn.exe
2006-04-07 10:40 61,440 C:\WINDOWS\system32\rasman.dll
2006-04-07 10:40 61,440 C:\WINDOWS\system32\msvcrt40.dll
2006-04-07 10:40 61,440 C:\WINDOWS\system32\dmcompos.dll
2006-04-07 10:40 61,440 C:\WINDOWS\system32\admparse.dll
2006-04-07 10:40 602,624 C:\WINDOWS\system32\autoconv.exe
2006-04-07 10:40 60,928 C:\WINDOWS\system32\miglibnt.dll
2006-04-07 10:40 60,928 C:\WINDOWS\system32\dpnhupnp.dll
2006-04-07 10:40 60,416 C:\WINDOWS\system32\remotepg.dll
2006-04-07 10:40 60,416 C:\WINDOWS\system32\cryptsvc.dll
2006-04-07 10:40 6,656 C:\WINDOWS\system32\wuauserv.dll
2006-04-07 10:40 6,656 C:\WINDOWS\system32\sensapi.dll
2006-04-07 10:40 6,656 C:\WINDOWS\system32\msidle.dll
2006-04-07 10:40 6,144 C:\WINDOWS\system32\msdtc.exe
2006-04-07 10:40 6,144 C:\WINDOWS\system32\csrss.exe
2006-04-07 10:40 596,992 C:\WINDOWS\system32\wsecedit.dll
2006-04-07 10:40 59,904 C:\WINDOWS\system32\regsvc.dll
2006-04-07 10:40 59,904 C:\WINDOWS\system32\mpr.dll
2006-04-07 10:40 59,904 C:\WINDOWS\system32\ipv6mon.dll
2006-04-07 10:40 59,904 C:\WINDOWS\system32\devenum.dll
2006-04-07 10:40 59,904 C:\WINDOWS\system32\cabinet.dll
2006-04-07 10:40 59,392 C:\WINDOWS\system32\logman.exe
2006-04-07 10:40 589,312 C:\WINDOWS\system32\wiashext.dll
2006-04-07 10:40 588,800 C:\WINDOWS\system32\autochk.exe
2006-04-07 10:40 586,240 C:\WINDOWS\system32\mlang.dll
2006-04-07 10:40 580,608 C:\WINDOWS\system32\autofmt.exe
2006-04-07 10:40 58,880 C:\WINDOWS\system32\resutils.dll
2006-04-07 10:40 58,880 C:\WINDOWS\system32\rastapi.dll
2006-04-07 10:40 58,880 C:\WINDOWS\system32\msdtclog.dll
2006-04-07 10:40 58,880 C:\WINDOWS\system32\licwmi.dll
2006-04-07 10:40 58,880 C:\WINDOWS\system32\atl.dll
2006-04-07 10:40 58,368 C:\WINDOWS\system32\packager.exe
2006-04-07 10:40 577,024 C:\WINDOWS\system32\user32.dll
2006-04-07 10:40 57,856 C:\WINDOWS\system32\synceng.dll
2006-04-07 10:40 57,856 C:\WINDOWS\system32\spoolsv.exe
2006-04-07 10:40 57,856 C:\WINDOWS\system32\clusapi.dll
2006-04-07 10:40 57,344 C:\WINDOWS\system32\msasn1.dll
2006-04-07 10:40 57,344 C:\WINDOWS\system32\dpwsockx.dll
2006-04-07 10:40 566,784 C:\WINDOWS\system32\gpedit.dll
2006-04-07 10:40 562,176 C:\WINDOWS\system32\qedit.dll
2006-04-07 10:40 560,640 C:\WINDOWS\system32\printui.dll
2006-04-07 10:40 56,832 C:\WINDOWS\system32\rasphone.exe
2006-04-07 10:40 56,832 C:\WINDOWS\system32\mshtmler.dll
2006-04-07 10:40 56,832 C:\WINDOWS\system32\authz.dll
2006-04-07 10:40 56,320 C:\WINDOWS\system32\servdeps.dll
2006-04-07 10:40 56,320 C:\WINDOWS\system32\cipher.exe
2006-04-07 10:40 553,472 C:\WINDOWS\system32\oleaut32.dll
2006-04-07 10:40 552,989 C:\WINDOWS\system32\msrepl40.dll
2006-04-07 10:40 55,808 C:\WINDOWS\system32\secur32.dll
2006-04-07 10:40 55,808 C:\WINDOWS\system32\ipconfig.exe
2006-04-07 10:40 55,808 C:\WINDOWS\system32\eventlog.dll
2006-04-07 10:40 55,296 C:\WINDOWS\system32\sendmail.dll
2006-04-07 10:40 54,784 C:\WINDOWS\system32\npptools.dll
2006-04-07 10:40 54,784 C:\WINDOWS\system32\msvcirt.dll
2006-04-07 10:40 54,272 C:\WINDOWS\system32\ixsso.dll
2006-04-07 10:40 54,272 C:\WINDOWS\system32\dataclen.dll
2006-04-07 10:40 538,624 C:\WINDOWS\system32\spider.exe
2006-04-07 10:40 532,480 C:\WINDOWS\system32\mstime.dll
2006-04-07 10:40 53,840 C:\WINDOWS\system32\dosx.exe
2006-04-07 10:40 53,760 C:\WINDOWS\system32\winsta.dll
2006-04-07 10:40 53,760 C:\WINDOWS\system32\narrator.exe
2006-04-07 10:40 53,760 C:\WINDOWS\system32\cryptext.dll
2006-04-07 10:40 53,279 C:\WINDOWS\system32\odbcji32.dll
2006-04-07 10:40 53,279 C:\WINDOWS\system32\msjter40.dll
2006-04-07 10:40 53,248 C:\WINDOWS\system32\ipv6.exe
2006-04-07 10:40 52,736 C:\WINDOWS\system32\basesrv.dll
2006-04-07 10:40 52,224 C:\WINDOWS\system32\dmutil.dll
2006-04-07 10:40 517,632 C:\WINDOWS\system32\mqsnap.dll
2006-04-07 10:40 514,560 C:\WINDOWS\system32\logonui.exe
2006-04-07 10:40 512,512 C:\WINDOWS\system32\cryptui.dll
2006-04-07 10:40 512,029 C:\WINDOWS\system32\msexch40.dll
2006-04-07 10:40 51,712 C:\WINDOWS\system32\wzcsapi.dll
2006-04-07 10:40 51,712 C:\WINDOWS\system32\vdmredir.dll
2006-04-07 10:40 51,712 C:\WINDOWS\system32\msident.dll
2006-04-07 10:40 51,200 C:\WINDOWS\system32\dssec.dll
2006-04-07 10:40 506,368 C:\WINDOWS\system32\msxml.dll
2006-04-07 10:40 502,272 C:\WINDOWS\system32\winlogon.exe
2006-04-07 10:40 50,688 C:\WINDOWS\twain_32.dll
2006-04-07 10:40 50,688 C:\WINDOWS\system32\wstdecod.dll
2006-04-07 10:40 50,688 C:\WINDOWS\system32\smss.exe
2006-04-07 10:40 50,688 C:\WINDOWS\system32\mmcshext.dll
2006-04-07 10:40 50,688 C:\WINDOWS\system32\camocx.dll
2006-04-07 10:40 50,176 C:\WINDOWS\system32\utilman.exe
2006-04-07 10:40 50,176 C:\WINDOWS\system32\reg.exe
2006-04-07 10:40 50,176 C:\WINDOWS\system32\proquota.exe
2006-04-07 10:40 50,176 C:\WINDOWS\system32\eventcreate.exe
2006-04-07 10:40 5,632 C:\WINDOWS\system32\wmi.dll
2006-04-07 10:40 5,632 C:\WINDOWS\system32\winver.exe
2006-04-07 10:40 5,632 C:\WINDOWS\system32\security.dll
2006-04-07 10:40 5,632 C:\WINDOWS\system32\cisvc.exe
2006-04-07 10:40 5,120 C:\WINDOWS\system32\sfc.dll
2006-04-07 10:40 5,120 C:\WINDOWS\system32\dllhost.exe
2006-04-07 10:40 498,205 C:\WINDOWS\system32\dxmasf.dll
2006-04-07 10:40 49,664 C:\WINDOWS\system32\regapi.dll
2006-04-07 10:40 49,152 C:\WINDOWS\system32\wdigest.dll
2006-04-07 10:40 488,448 C:\WINDOWS\system32\ntmsmgr.dll
2006-04-07 10:40 48,640 C:\WINDOWS\system32\mqupgrd.dll
2006-04-07 10:40 48,640 C:\WINDOWS\system32\iernonce.dll
2006-04-07 10:40 48,128 C:\WINDOWS\system32\msprivs.dll
2006-04-07 10:40 48,128 C:\WINDOWS\system32\inetres.dll
2006-04-07 10:40 48,128 C:\WINDOWS\system32\docprop2.dll
2006-04-07 10:40 471,552 C:\WINDOWS\system32\mqutil.dll
2006-04-07 10:40 47,616 C:\WINDOWS\system32\iyuv_32.dll
2006-04-07 10:40 47,564 C:\ntdetect.com
2006-04-07 10:40 47,104 C:\WINDOWS\system32\ssmypics.scr
2006-04-07 10:40 47,104 C:\WINDOWS\system32\mqdscli.dll
2006-04-07 10:40 47,104 C:\WINDOWS\system32\cnbjmon.dll
2006-04-07 10:40 47,104 C:\WINDOWS\system32\cmdl32.exe
2006-04-07 10:40 463,360 C:\WINDOWS\system32\wiadefui.dll
2006-04-07 10:40 457,728 C:\WINDOWS\system32\certmgr.dll
2006-04-07 10:40 45,568 C:\WINDOWS\system32\tcpmonui.dll
2006-04-07 10:40 45,568 C:\WINDOWS\system32\tcpmon.dll
2006-04-07 10:40 45,568 C:\WINDOWS\system32\safrslv.dll
2006-04-07 10:40 45,568 C:\WINDOWS\system32\extrac32.exe
2006-04-07 10:40 45,568 C:\WINDOWS\system32\dnsrslvr.dll
2006-04-07 10:40 448,512 C:\WINDOWS\system32\mshtmled.dll
2006-04-07 10:40 442,368 C:\WINDOWS\system32\sqlsrv32.dll
2006-04-07 10:40 44,544 C:\WINDOWS\system32\tscupgrd.exe
2006-04-07 10:40 44,544 C:\WINDOWS\system32\alg.exe
2006-04-07 10:40 44,032 C:\WINDOWS\system32\rtutils.dll
2006-04-07 10:40 438,784 C:\WINDOWS\system32\xpob2res.dll
2006-04-07 10:40 438,272 C:\WINDOWS\system32\shimgvw.dll
2006-04-07 10:40 435,200 C:\WINDOWS\system32\ntmssvc.dll
2006-04-07 10:40 433,664 C:\WINDOWS\system32\wiaacmgr.exe
2006-04-07 10:40 431,616 C:\WINDOWS\system32\riched20.dll
2006-04-07 10:40 430,592 C:\WINDOWS\system32\vssapi.dll
2006-04-07 10:40 43,520 C:\WINDOWS\system32\safrcdlg.dll
2006-04-07 10:40 43,520 C:\WINDOWS\system32\racpldlg.dll
2006-04-07 10:40 43,520 C:\WINDOWS\system32\pstorec.dll
2006-04-07 10:40 43,520 C:\WINDOWS\system32\ntlanman.dll
2006-04-07 10:40 423,936 C:\WINDOWS\system32\licdll.dll
2006-04-07 10:40 421,919 C:\WINDOWS\system32\msrd2x40.dll
2006-04-07 10:40 42,537 C:\WINDOWS\system32\keyboard.sys
2006-04-07 10:40 42,496 C:\WINDOWS\system32\wsnmp32.dll
2006-04-07 10:40 42,496 C:\WINDOWS\system32\shmgrate.exe
2006-04-07 10:40 42,496 C:\WINDOWS\system32\net.exe
2006-04-07 10:40 42,496 C:\WINDOWS\system32\ftp.exe
2006-04-07 10:40 42,496 C:\WINDOWS\system32\audiosrv.dll
2006-04-07 10:40 419,840 C:\WINDOWS\system32\ntvdm.exe
2006-04-07 10:40 415,744 C:\WINDOWS\system32\samsrv.dll
2006-04-07 10:40 413,696 C:\WINDOWS\system32\msvcp60.dll
2006-04-07 10:40 41,984 C:\WINDOWS\system32\htui.dll
2006-04-07 10:40 407,552 C:\WINDOWS\system32\mstsc.exe
2006-04-07 10:40 407,040 C:\WINDOWS\system32\netlogon.dll
2006-04-07 10:40 406,528 C:\WINDOWS\system32\usp10.dll
2006-04-07 10:40 40,960 C:\WINDOWS\system32\ntmsapi.dll
2006-04-07 10:40 4,608 C:\WINDOWS\system32\msimg32.dll
2006-04-07 10:40 4,608 C:\WINDOWS\system32\mqsvc.exe
2006-04-07 10:40 4,126 C:\WINDOWS\system32\msdxmlc.dll
2006-04-07 10:40 4,096 C:\WINDOWS\system32\nddeapir.exe
2006-04-07 10:40 4,096 C:\WINDOWS\system32\ksuser.dll
2006-04-07 10:40 4,096 C:\WINDOWS\system32\actmovie.exe
2006-04-07 10:40 399,872 C:\WINDOWS\system32\lmrt.dll
2006-04-07 10:40 397,824 C:\WINDOWS\system32\regwizc.dll
2006-04-07 10:40 393,216 C:\WINDOWS\system32\ssflwbox.scr
2006-04-07 10:40 39,936 C:\WINDOWS\system32\rshx32.dll
2006-04-07 10:40 39,936 C:\WINDOWS\system32\perfctrs.dll
2006-04-07 10:40 39,936 C:\WINDOWS\system32\cmutil.dll
2006-04-07 10:40 39,936 C:\WINDOWS\system32\cmmon32.exe
2006-04-07 10:40 39,424 C:\WINDOWS\system32\grpconv.exe
2006-04-07 10:40 388,608 C:\WINDOWS\system32\cmd.exe
2006-04-07 10:40 385,536 C:\WINDOWS\system32\themeui.dll
2006-04-07 10:40 385,024 C:\WINDOWS\system32\qdvd.dll
2006-04-07 10:40 384,000 C:\WINDOWS\system32\ipsmsnap.dll
2006-04-07 10:40 382,976 C:\WINDOWS\system32\fontext.dll
2006-04-07 10:40 382,464 C:\WINDOWS\system32\qmgr.dll
2006-04-07 10:40 380,957 C:\WINDOWS\system32\expsrv.dll
2006-04-07 10:40 38,912 C:\WINDOWS\system32\sens.dll
2006-04-07 10:40 38,912 C:\WINDOWS\system32\dfrgsnap.dll
2006-04-07 10:40 38,912 C:\WINDOWS\system32\cfgbkend.dll
2006-04-07 10:40 378,368 C:\WINDOWS\system32\wzcdlg.dll
2006-04-07 10:40 375,296 C:\WINDOWS\system32\dpnet.dll
2006-04-07 10:40 367,616 C:\WINDOWS\system32\dsound.dll
2006-04-07 10:40 363,008 C:\WINDOWS\system32\smlogcfg.dll
2006-04-07 10:40 36,921 C:\WINDOWS\system32\imeshare.dll
2006-04-07 10:40 36,864 C:\WINDOWS\system32\netstat.exe
2006-04-07 10:40 36,864 C:\WINDOWS\system32\mscpxl32.dll
2006-04-07 10:40 36,352 C:\WINDOWS\system32\ncobjapi.dll
2006-04-07 10:40 359,936 C:\WINDOWS\system32\wzcsvc.dll
2006-04-07 10:40 358,976 C:\WINDOWS\system32\msjetoledb40.dll
2006-04-07 10:40 358,400 C:\WINDOWS\system32\termmgr.dll
2006-04-07 10:40 357,888 C:\WINDOWS\system32\dxtmsft.dll
2006-04-07 10:40 351,232 C:\WINDOWS\system32\winhttp.dll
2006-04-07 10:40 35,840 C:\WINDOWS\system32\umandlg.dll
2006-04-07 10:40 35,840 C:\WINDOWS\system32\rcimlby.exe
2006-04-07 10:40 35,840 C:\WINDOWS\system32\imgutil.dll
2006-04-07 10:40 35,840 C:\WINDOWS\system32\dmloader.dll
2006-04-07 10:40 35,648 C:\WINDOWS\system32\ntio411.sys
2006-04-07 10:40 35,424 C:\WINDOWS\system32\ntio412.sys
2006-04-07 10:40 35,328 C:\WINDOWS\system32\pid.dll
2006-04-07 10:40 35,328 C:\WINDOWS\system32\mciqtz32.dll
2006-04-07 10:40 35,328 C:\WINDOWS\system32\dpnhpast.dll
2006-04-07 10:40 35,328 C:\WINDOWS\system32\corpol.dll
2006-04-07 10:40 349,696 C:\WINDOWS\system32\ipsecsnp.dll
2006-04-07 10:40 348,189 C:\WINDOWS\system32\msxbde40.dll
2006-04-07 10:40 348,189 C:\WINDOWS\system32\mspbde40.dll
2006-04-07 10:40 347,136 C:\WINDOWS\system32\tourstart.exe
2006-04-07 10:40 347,136 C:\WINDOWS\system32\hypertrm.dll
2006-04-07 10:40 344,064 C:\WINDOWS\system32\hnetcfg.dll
2006-04-07 10:40 343,040 C:\WINDOWS\system32\msvcrt.dll
2006-04-07 10:40 343,040 C:\WINDOWS\system32\mspaint.exe
2006-04-07 10:40 343,040 C:\WINDOWS\system32\cmdial32.dll
2006-04-07 10:40 341,504 C:\WINDOWS\system32\localspl.dll
2006-04-07 10:40 34,816 C:\WINDOWS\system32\ssdpapi.dll
2006-04-07 10:40 34,816 C:\WINDOWS\system32\perfproc.dll
2006-04-07 10:40 34,560 C:\WINDOWS\system32\ntio804.sys
2006-04-07 10:40 34,560 C:\WINDOWS\system32\ntio404.sys
2006-04-07 10:40 34,560 C:\WINDOWS\system32\mnmdd.dll
2006-04-07 10:40 34,304 C:\WINDOWS\system32\pstorsvc.dll
2006-04-07 10:40 34,304 C:\WINDOWS\system32\ie4uinit.exe
2006-04-07 10:40 338,432 C:\WINDOWS\system32\ir41_qcx.dll
2006-04-07 10:40 337,920 C:\WINDOWS\system32\filemgmt.dll
2006-04-07 10:40 333,312 C:\WINDOWS\system32\wiaservc.dll
2006-04-07 10:40 330,752 C:\WINDOWS\system32\ippromon.dll
2006-04-07 10:40 330,752 C:\WINDOWS\system32\hnetwiz.dll
2006-04-07 10:40 33,840 C:\WINDOWS\system32\ntio.sys
2006-04-07 10:40 33,792 C:\WINDOWS\system32\msgsvc.dll
2006-04-07 10:40 33,280 C:\WINDOWS\system32\rundll32.exe
2006-04-07 10:40 33,280 C:\WINDOWS\system32\inetmib1.dll
2006-04-07 10:40 33,280 C:\WINDOWS\system32\cryptdll.dll
2006-04-07 10:40 33,280 C:\WINDOWS\system32\clipsrv.exe
2006-04-07 10:40 329,728 C:\WINDOWS\system32\netsetup.exe
2006-04-07 10:40 326,656 C:\WINDOWS\system32\cscui.dll
2006-04-07 10:40 323,584 C:\WINDOWS\system32\iedkcs32.dll
2006-04-07 10:40 32,768 C:\WINDOWS\system32\winipsec.dll
2006-04-07 10:40 32,768 C:\WINDOWS\system32\odbcad32.exe
2006-04-07 10:40 32,768 C:\WINDOWS\system32\mnmsrvc.exe
2006-04-07 10:40 32,768 C:\WINDOWS\system32\isrdbg32.dll
2006-04-07 10:40 32,768 C:\WINDOWS\system32\csrsrv.dll
2006-04-07 10:40 32,256 C:\WINDOWS\system32\wpnpinst.exe
2006-04-07 10:40 32,256 C:\WINDOWS\system32\wpabaln.exe
2006-04-07 10:40 319,517 C:\WINDOWS\system32\msexcl40.dll
2006-04-07 10:40 316,416 C:\WINDOWS\system32\untfs.dll
2006-04-07 10:40 315,423 C:\WINDOWS\system32\msrd3x40.dll
2006-04-07 10:40 313,856 C:\WINDOWS\system32\scesrv.dll
2006-04-07 10:40 31,744 C:\WINDOWS\system32\rtipxmib.dll
2006-04-07 10:40 31,232 C:\WINDOWS\system32\sethc.exe
2006-04-07 10:40 306,176 C:\WINDOWS\system32\slbcsp.dll
2006-04-07 10:40 304,128 C:\WINDOWS\system32\duser.dll
2006-04-07 10:40 303,616 C:\WINDOWS\system32\wmstream.dll
2006-04-07 10:40 30,749 C:\WINDOWS\system32\vbajet32.dll
2006-04-07 10:40 30,720 C:\WINDOWS\system32\xcopy.exe
2006-04-07 10:40 30,208 C:\WINDOWS\system32\mspatcha.dll
2006-04-07 10:40 30,208 C:\WINDOWS\system32\dplaysvr.exe
2006-04-07 10:40 30,208 C:\WINDOWS\system32\ddeshare.exe
2006-04-07 10:40 30,208 C:\WINDOWS\system32\atmlib.dll
2006-04-07 10:40 30,208 C:\WINDOWS\system32\asr_fmt.exe
2006-04-07 10:40 3,584 C:\WINDOWS\system32\msafd.dll
2006-04-07 10:40 3,584 C:\WINDOWS\system32\icmp.dll
2006-04-07 10:40 3,584 C:\WINDOWS\system32\dpnlobby.dll
2006-04-07 10:40 3,584 C:\WINDOWS\system32\dpnaddr.dll
2006-04-07 10:40 3,338 C:\WINDOWS\system32\redir.exe
2006-04-07 10:40 295,936 C:\WINDOWS\system32\kerberos.dll
2006-04-07 10:40 295,936 C:\WINDOWS\system32\appmgr.dll
2006-04-07 10:40 295,424 C:\WINDOWS\system32\termsrv.dll
2006-04-07 10:40 294,400 C:\WINDOWS\system32\msctf.dll
2006-04-07 10:40 291,840 C:\WINDOWS\system32\winsrv.dll
2006-04-07 10:40 290,816 C:\WINDOWS\system32\msnsspc.dll
2006-04-07 10:40 29,696 C:\WINDOWS\system32\safrdm.dll
2006-04-07 10:40 29,184 C:\WINDOWS\system32\sendcmsg.dll
2006-04-07 10:40 29,184 C:\WINDOWS\system32\mshta.exe
2006-04-07 10:40 289,792 C:\WINDOWS\system32\vssvc.exe
2006-04-07 10:40 285,696 C:\WINDOWS\system32\objsel.dll
2006-04-07 10:40 285,696 C:\WINDOWS\system32\atmfd.dll
2006-04-07 10:40 283,648 C:\WINDOWS\winhlp32.exe
2006-04-07 10:40 283,648 C:\WINDOWS\system32\pdh.dll
2006-04-07 10:40 282,624 C:\WINDOWS\system32\devmgr.dll
2006-04-07 10:40 280,064 C:\WINDOWS\system32\gdi32.dll
2006-04-07 10:40 28,672 C:\WINDOWS\system32\nmmkcert.dll
2006-04-07 10:40 28,672 C:\WINDOWS\system32\dmband.dll
2006-04-07 10:40 28,672 C:\WINDOWS\system32\dfsshlex.dll
2006-04-07 10:40 28,672 C:\WINDOWS\system32\dbnmpntw.dll
2006-04-07 10:40 28,672 C:\WINDOWS\system32\batmeter.dll
2006-04-07 10:40 279,040 C:\WINDOWS\system32\qdv.dll
2006-04-07 10:40 278,559 C:\WINDOWS\system32\odbcjt32.dll
2006-04-07 10:40 276,992 C:\WINDOWS\system32\comdlg32.dll
2006-04-07 10:40 276,480 C:\WINDOWS\system32\webcheck.dll
2006-04-07 10:40 275,456 C:\WINDOWS\system32\ulib.dll
2006-04-07 10:40 274,944 C:\WINDOWS\system32\mstask.dll
2006-04-07 10:40 274,432 C:\WINDOWS\system32\inetcfg.dll
2006-04-07 10:40 271,360 C:\WINDOWS\system32\msihnd.dll
2006-04-07 10:40 27,648 C:\WINDOWS\system32\shscrap.dll
2006-04-07 10:40 27,648 C:\WINDOWS\system32\profmap.dll
2006-04-07 10:40 27,648 C:\WINDOWS\system32\conime.exe
2006-04-07 10:40 27,136 C:\WINDOWS\system32\findstr.exe
2006-04-07 10:40 27,136 C:\WINDOWS\system32\ddrawex.dll
2006-04-07 10:40 266,752 C:\WINDOWS\system32\oakley.dll
2006-04-07 10:40 266,240 C:\WINDOWS\system32\ddraw.dll
2006-04-07 10:40 264,192 C:\WINDOWS\system32\wow32.dll
2006-04-07 10:40 263,680 C:\WINDOWS\system32\adsnt.dll
2006-04-07 10:40 26,624 C:\WINDOWS\system32\perfdisk.dll
2006-04-07 10:40 26,624 C:\WINDOWS\system32\efsadu.dll
2006-04-07 10:40 26,112 C:\WINDOWS\system32\vdmdbg.dll
2006-04-07 10:40 26,112 C:\WINDOWS\system32\skeys.exe
2006-04-07 10:40 259,584 C:\WINDOWS\system32\tracerpt.exe
2006-04-07 10:40 258,077 C:\WINDOWS\system32\mstext40.dll
2006-04-07 10:40 254,976 C:\WINDOWS\system32\icm32.dll
2006-04-07 10:40 252,928 C:\WINDOWS\system32\msoeacct.dll
2006-04-07 10:40 252,928 C:\WINDOWS\system32\compatui.dll
2006-04-07 10:40 251,392 C:\WINDOWS\system32\iepeers.dll
2006-04-07 10:40 25,600 C:\WINDOWS\system32\udhisapi.dll
2006-04-07 10:40 25,088 C:\WINDOWS\system32\slayerxp.dll
2006-04-07 10:40 25,088 C:\WINDOWS\system32\shfolder.dll
2006-04-07 10:40 25,088 C:\WINDOWS\system32\perfos.dll
2006-04-07 10:40 25,088 C:\WINDOWS\system32\mslbui.dll
2006-04-07 10:40 25,088 C:\WINDOWS\system32\defrag.exe
2006-04-07 10:40 25,088 C:\WINDOWS\system32\at.exe
2006-04-07 10:40 249,856 C:\WINDOWS\system32\odbc32.dll
2006-04-07 10:40 249,344 C:\WINDOWS\system32\tapisrv.dll
2006-04-07 10:40 248,832 C:\WINDOWS\system32\newdev.dll
2006-04-07 10:40 248,832 C:\WINDOWS\system32\msieftp.dll
2006-04-07 10:40 246,302 C:\WINDOWS\system32\strmdll.dll
2006-04-07 10:40 245,760 C:\WINDOWS\system32\netui1.dll
2006-04-07 10:40 245,248 C:\WINDOWS\system32\mswsock.dll
2006-04-07 10:40 241,693 C:\WINDOWS\system32\msjtes40.dll
2006-04-07 10:40 240,640 C:\WINDOWS\system32\mpg4dmod.dll
2006-04-07 10:40 24,576 C:\WINDOWS\system32\userinit.exe
2006-04-07 10:40 24,576 C:\WINDOWS\system32\odbcbcp.dll
2006-04-07 10:40 24,576 C:\WINDOWS\system32\dbmsrpcn.dll
2006-04-07 10:40 24,576 C:\WINDOWS\system32\davclnt.dll
2006-04-07 10:40 24,064 C:\WINDOWS\system32\pidgen.dll
2006-04-07 10:40 239,616 C:\WINDOWS\system32\upnpui.dll
2006-04-07 10:40 239,104 C:\WINDOWS\system32\dsquery.dll
2006-04-07 10:40 236,544 C:\WINDOWS\system32\rasapi32.dll
2006-04-07 10:40 23,552 C:\WINDOWS\system32\mciwave.dll
2006-04-07 10:40 23,552 C:\WINDOWS\system32\ipxroute.exe
2006-04-07 10:40 23,552 C:\WINDOWS\system32\dpmodemx.dll
2006-04-07 10:40 23,552 C:\WINDOWS\system32\dmserver.dll
2006-04-07 10:40 23,040 C:\WINDOWS\system32\setup.exe
2006-04-07 10:40 23,040 C:\WINDOWS\system32\psapi.dll
2006-04-07 10:40 23,040 C:\WINDOWS\system32\mciseq.dll
2006-04-07 10:40 23,040 C:\WINDOWS\system32\ersvc.dll
2006-04-07 10:40 229,888 C:\WINDOWS\system32\dplayx.dll
2006-04-07 10:40 229,376 C:\WINDOWS\system32\compstui.dll
2006-04-07 10:40 225,280 C:\WINDOWS\system32\mqoa.dll
2006-04-07 10:40 224,768 C:\WINDOWS\system32\dmadmin.exe
2006-04-07 10:40 221,696 C:\WINDOWS\system32\localsec.dll
2006-04-07 10:40 220,672 C:\WINDOWS\system32\logon.scr
2006-04-07 10:40 22,752 C:\WINDOWS\system32\spupdsvc.exe
2006-04-07 10:40 22,528 C:\WINDOWS\system32\wsock32.dll
2006-04-07 10:40 22,528 C:\WINDOWS\system32\mfcsubs.dll
2006-04-07 10:40 22,016 C:\WINDOWS\system32\lpk.dll
2006-04-07 10:40 22,016 C:\WINDOWS\system32\licmgr10.dll
2006-04-07 10:40 218,624 C:\WINDOWS\system32\uxtheme.dll
2006-04-07 10:40 216,576 C:\WINDOWS\system32\ieaksie.dll
2006-04-07 10:40 216,064 C:\WINDOWS\system32\moricons.dll
2006-04-07 10:40 215,552 C:\WINDOWS\system32\osk.exe
2006-04-07 10:40 213,023 C:\WINDOWS\system32\msltus40.dll
2006-04-07 10:40 212,480 C:\WINDOWS\system32\dpvoice.dll
2006-04-07 10:40 21,504 C:\WINDOWS\system32\rcp.exe
2006-04-07 10:40 21,504 C:\WINDOWS\system32\feclient.dll
2006-04-07 10:40 21,504 C:\WINDOWS\system32\dpvacm.dll
2006-04-07 10:40 207,360 C:\WINDOWS\system32\mobsync.dll
2006-04-07 10:40 206,336 C:\WINDOWS\system32\rasppp.dll
2006-04-07 10:40 205,312 C:\WINDOWS\system32\dxtrans.dll
2006-04-07 10:40 204,288 C:\WINDOWS\system32\mswebdvd.dll
2006-04-07 10:40 200,704 C:\WINDOWS\system32\dmdskmgr.dl

#5 Dober

Dober
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:06:07 PM

Posted 30 June 2006 - 07:09 PM

(continued)
2006-04-07 10:40 200,192 C:\WINDOWS\system32\ir50_qc.dll
2006-04-07 10:40 20,992 C:\WINDOWS\system32\ssmarque.scr
2006-04-07 10:40 20,992 C:\WINDOWS\system32\sclgntfy.dll
2006-04-07 10:40 20,992 C:\WINDOWS\system32\hid.dll
2006-04-07 10:40 20,992 C:\WINDOWS\system32\fontview.exe
2006-04-07 10:40 20,511 C:\WINDOWS\system32\odtext32.dll
2006-04-07 10:40 20,511 C:\WINDOWS\system32\oddbse32.dll
2006-04-07 10:40 20,510 C:\WINDOWS\system32\odpdx32.dll
2006-04-07 10:40 20,510 C:\WINDOWS\system32\odfox32.dll
2006-04-07 10:40 20,510 C:\WINDOWS\system32\odexl32.dll
2006-04-07 10:40 20,480 C:\WINDOWS\system32\qprocess.exe
2006-04-07 10:40 20,480 C:\WINDOWS\system32\msorc32r.dll
2006-04-07 10:40 20,480 C:\WINDOWS\system32\cliconfg.exe
2006-04-07 10:40 2,890,240 C:\WINDOWS\system32\msi.dll
2006-04-07 10:40 2,135,552 C:\WINDOWS\system32\ntoskrnl.exe
2006-04-07 10:40 2,067,968 C:\WINDOWS\system32\cdosys.dll
2006-04-07 10:40 2,015,232 C:\WINDOWS\system32\ntkrnlpa.exe
2006-04-07 10:40 198,656 C:\WINDOWS\system32\gptext.dll
2006-04-07 10:40 197,632 C:\WINDOWS\system32\netman.dll
2006-04-07 10:40 195,072 C:\WINDOWS\system32\msutb.dll
2006-04-07 10:40 194,560 C:\WINDOWS\system32\certcli.dll
2006-04-07 10:40 194,048 C:\WINDOWS\system32\activeds.dll
2006-04-07 10:40 193,024 C:\WINDOWS\system32\eudcedit.exe
2006-04-07 10:40 192,512 C:\WINDOWS\system32\qcap.dll
2006-04-07 10:40 191,488 C:\WINDOWS\system32\syncui.dll
2006-04-07 10:40 190,976 C:\WINDOWS\system32\schedsvc.dll
2006-04-07 10:40 19,968 C:\WINDOWS\system32\wshtcpip.dll
2006-04-07 10:40 19,968 C:\WINDOWS\system32\ws2help.dll
2006-04-07 10:40 19,968 C:\WINDOWS\system32\ssbezier.scr
2006-04-07 10:40 19,968 C:\WINDOWS\system32\rdpsnd.dll
2006-04-07 10:40 19,968 C:\WINDOWS\system32\mqbkup.exe
2006-04-07 10:40 19,968 C:\WINDOWS\system32\linkinfo.dll
2006-04-07 10:40 19,456 C:\WINDOWS\system32\shutdown.exe
2006-04-07 10:40 19,456 C:\WINDOWS\system32\dswave.dll
2006-04-07 10:40 186,880 C:\WINDOWS\system32\mqtrig.dll
2006-04-07 10:40 185,344 C:\WINDOWS\system32\upnphost.dll
2006-04-07 10:40 185,344 C:\WINDOWS\system32\cmprops.dll
2006-04-07 10:40 183,808 C:\WINDOWS\system32\ir50_qcx.dll
2006-04-07 10:40 183,808 C:\WINDOWS\system32\accwiz.exe
2006-04-07 10:40 183,296 C:\WINDOWS\system32\els.dll
2006-04-07 10:40 182,784 C:\WINDOWS\system32\ipsecsvc.dll
2006-04-07 10:40 182,272 C:\WINDOWS\system32\snmpsnap.dll
2006-04-07 10:40 181,760 C:\WINDOWS\system32\tapi32.dll
2006-04-07 10:40 181,760 C:\WINDOWS\system32\dsdmo.dll
2006-04-07 10:40 181,760 C:\WINDOWS\system32\dinput8.dll
2006-04-07 10:40 181,248 C:\WINDOWS\system32\rasmans.dll
2006-04-07 10:40 181,248 C:\WINDOWS\system32\dmime.dll
2006-04-07 10:40 180,800 C:\WINDOWS\system32\sqlunirl.dll
2006-04-07 10:40 180,224 C:\WINDOWS\system32\scecli.dll
2006-04-07 10:40 180,224 C:\WINDOWS\system32\dwwin.exe
2006-04-07 10:40 18,944 C:\WINDOWS\system32\version.dll
2006-04-07 10:40 18,944 C:\WINDOWS\system32\ssmyst.scr
2006-04-07 10:40 18,944 C:\WINDOWS\system32\snmpapi.dll
2006-04-07 10:40 18,944 C:\WINDOWS\system32\seclogon.dll
2006-04-07 10:40 18,944 C:\WINDOWS\system32\rsmps.dll
2006-04-07 10:40 18,944 C:\WINDOWS\system32\qmgrprxy.dll
2006-04-07 10:40 18,944 C:\WINDOWS\system32\nddenb32.dll
2006-04-07 10:40 18,944 C:\WINDOWS\system32\midimap.dll
2006-04-07 10:40 18,432 C:\WINDOWS\system32\wtsapi32.dll
2006-04-07 10:40 18,432 C:\WINDOWS\system32\ups.exe
2006-04-07 10:40 18,432 C:\WINDOWS\system32\secedit.exe
2006-04-07 10:40 18,432 C:\WINDOWS\system32\dpnsvr.exe
2006-04-07 10:40 179,712 C:\WINDOWS\system32\ntmsdba.dll
2006-04-07 10:40 177,152 C:\WINDOWS\system32\mqrt.dll
2006-04-07 10:40 176,640 C:\WINDOWS\system32\wintrust.dll
2006-04-07 10:40 176,128 C:\WINDOWS\system32\winmm.dll
2006-04-07 10:40 176,128 C:\WINDOWS\system32\photowiz.dll
2006-04-07 10:40 175,616 C:\WINDOWS\system32\adsldp.dll
2006-04-07 10:40 174,592 C:\WINDOWS\system32\w32time.dll
2006-04-07 10:40 174,200 C:\WINDOWS\system32\xenroll.dll
2006-04-07 10:40 172,032 C:\WINDOWS\system32\wldap32.dll
2006-04-07 10:40 171,008 C:\WINDOWS\system32\sccsccp.dll
2006-04-07 10:40 170,496 C:\WINDOWS\system32\srsvc.dll
2006-04-07 10:40 17,920 C:\WINDOWS\system32\ping.exe
2006-04-07 10:40 17,920 C:\WINDOWS\system32\nddeapi.dll
2006-04-07 10:40 17,920 C:\WINDOWS\system32\dvdupgrd.exe
2006-04-07 10:40 17,664 C:\WINDOWS\system32\watchdog.sys
2006-04-07 10:40 17,408 C:\WINDOWS\system32\powrprof.dll
2006-04-07 10:40 17,408 C:\WINDOWS\system32\msyuv.dll
2006-04-07 10:40 17,408 C:\WINDOWS\system32\mmfutil.dll
2006-04-07 10:40 17,408 C:\WINDOWS\system32\bidispl.dll
2006-04-07 10:40 17,408 C:\WINDOWS\system32\alrsvc.dll
2006-04-07 10:40 169,984 C:\WINDOWS\system32\sccbase.dll
2006-04-07 10:40 167,936 C:\WINDOWS\system32\appmgmts.dll
2006-04-07 10:40 163,840 C:\WINDOWS\system32\diskpart.exe
2006-04-07 10:40 163,840 C:\WINDOWS\system32\credui.dll
2006-04-07 10:40 16,896 C:\WINDOWS\system32\winrnr.dll
2006-04-07 10:40 16,896 C:\WINDOWS\system32\usbmon.dll
2006-04-07 10:40 16,896 C:\WINDOWS\system32\upnpcont.exe
2006-04-07 10:40 16,896 C:\WINDOWS\system32\rassapi.dll
2006-04-07 10:40 16,896 C:\WINDOWS\system32\mqise.dll
2006-04-07 10:40 16,896 C:\WINDOWS\system32\cfgmgr32.dll
2006-04-07 10:40 16,384 C:\WINDOWS\system32\odbc32gt.dll
2006-04-07 10:40 16,384 C:\WINDOWS\system32\jsproxy.dll
2006-04-07 10:40 16,384 C:\WINDOWS\system32\ds32gt.dll
2006-04-07 10:40 159,232 C:\WINDOWS\system32\msimtf.dll
2006-04-07 10:40 159,232 C:\WINDOWS\system32\dinput.dll
2006-04-07 10:40 153,600 C:\WINDOWS\system32\modemui.dll
2006-04-07 10:40 152,576 C:\WINDOWS\system32\rsaenh.dll
2006-04-07 10:40 151,583 C:\WINDOWS\system32\msjint40.dll
2006-04-07 10:40 151,552 C:\WINDOWS\system32\msdart.dll
2006-04-07 10:40 151,040 C:\WINDOWS\system32\cdfview.dll
2006-04-07 10:40 150,528 C:\WINDOWS\system32\keymgr.dll
2006-04-07 10:40 150,016 C:\WINDOWS\system32\imapi.exe
2006-04-07 10:40 15,872 C:\WINDOWS\system32\perfmon.exe
2006-04-07 10:40 15,872 C:\WINDOWS\system32\inetppui.dll
2006-04-07 10:40 15,872 C:\WINDOWS\system32\dmremote.exe
2006-04-07 10:40 15,872 C:\WINDOWS\system32\cmcfg32.dll
2006-04-07 10:40 15,360 C:\WINDOWS\system32\pjlmon.dll
2006-04-07 10:40 15,360 C:\WINDOWS\system32\msisip.dll
2006-04-07 10:40 15,360 C:\WINDOWS\system32\ctfmon.exe
2006-04-07 10:40 148,480 C:\WINDOWS\system32\dnsapi.dll
2006-04-07 10:40 147,968 C:\WINDOWS\system32\rdchost.dll
2006-04-07 10:40 147,456 C:\WINDOWS\system32\odbctrac.dll
2006-04-07 10:40 147,456 C:\WINDOWS\system32\initpki.dll
2006-04-07 10:40 146,432 C:\WINDOWS\system32\msrating.dll
2006-04-07 10:40 146,432 C:\WINDOWS\regedit.exe
2006-04-07 10:40 144,896 C:\WINDOWS\system32\schannel.dll
2006-04-07 10:40 144,896 C:\WINDOWS\system32\hotplug.dll
2006-04-07 10:40 144,384 C:\WINDOWS\system32\nwprovau.dll
2006-04-07 10:40 144,384 C:\WINDOWS\system32\imagehlp.dll
2006-04-07 10:40 143,872 C:\WINDOWS\system32\ntshrui.dll
2006-04-07 10:40 143,360 C:\WINDOWS\system32\msorcl32.dll
2006-04-07 10:40 143,360 C:\WINDOWS\system32\mobsync.exe
2006-04-07 10:40 143,360 C:\WINDOWS\system32\adsldpc.dll
2006-04-07 10:40 142,336 C:\WINDOWS\system32\dsprop.dll
2006-04-07 10:40 140,800 C:\WINDOWS\system32\sessmgr.exe
2006-04-07 10:40 140,288 C:\WINDOWS\system32\sfc_os.dll
2006-04-07 10:40 14,848 C:\WINDOWS\system32\tcpmib.dll
2006-04-07 10:40 14,848 C:\WINDOWS\system32\stimon.exe
2006-04-07 10:40 14,848 C:\WINDOWS\system32\rsh.exe
2006-04-07 10:40 14,848 C:\WINDOWS\system32\mgmtapi.dll
2006-04-07 10:40 14,848 C:\WINDOWS\system32\mcastmib.dll
2006-04-07 10:40 14,336 C:\WINDOWS\system32\wship6.dll
2006-04-07 10:40 14,336 C:\WINDOWS\system32\svchost.exe
2006-04-07 10:40 14,336 C:\WINDOWS\system32\ssstars.scr
2006-04-07 10:40 14,336 C:\WINDOWS\system32\runonce.exe
2006-04-07 10:40 14,336 C:\WINDOWS\system32\msdmo.dll
2006-04-07 10:40 14,336 C:\WINDOWS\system32\drprov.dll
2006-04-07 10:40 139,264 C:\WINDOWS\system32\netid.dll
2006-04-07 10:40 139,264 C:\WINDOWS\system32\ieakeng.dll
2006-04-07 10:40 138,240 C:\WINDOWS\system32\mqad.dll
2006-04-07 10:40 137,216 C:\WINDOWS\system32\dssenh.dll
2006-04-07 10:40 136,704 C:\WINDOWS\system32\sti_ci.dll
2006-04-07 10:40 135,680 C:\WINDOWS\system32\webvw.dll
2006-04-07 10:40 135,680 C:\WINDOWS\system32\taskmgr.exe
2006-04-07 10:40 135,680 C:\WINDOWS\system32\ifmon.dll
2006-04-07 10:40 135,168 C:\WINDOWS\system32\odbcconf.dll
2006-04-07 10:40 134,656 C:\WINDOWS\system32\shsvcs.dll
2006-04-07 10:40 134,400 C:\WINDOWS\system32\HAL.DLL
2006-04-07 10:40 132,608 C:\WINDOWS\system32\upnp.dll
2006-04-07 10:40 132,096 C:\WINDOWS\system32\wkssvc.dll
2006-04-07 10:40 131,584 C:\WINDOWS\system32\sndrec32.exe
2006-04-07 10:40 13,824 C:\WINDOWS\system32\uniplat.dll
2006-04-07 10:40 13,824 C:\WINDOWS\system32\rexec.exe
2006-04-07 10:40 13,824 C:\WINDOWS\system32\rdsaddin.exe
2006-04-07 10:40 13,824 C:\WINDOWS\system32\lmhsvc.dll
2006-04-07 10:40 13,312 C:\WINDOWS\system32\sigtab.dll
2006-04-07 10:40 13,312 C:\WINDOWS\system32\savedump.exe
2006-04-07 10:40 13,312 C:\WINDOWS\system32\lsass.exe
2006-04-07 10:40 129,536 C:\WINDOWS\system32\msv1_0.dll
2006-04-07 10:40 126,976 C:\WINDOWS\system32\apphelp.dll
2006-04-07 10:40 124,928 C:\WINDOWS\system32\net1.exe
2006-04-07 10:40 124,416 C:\WINDOWS\system32\wiadss.dll
2006-04-07 10:40 123,904 C:\WINDOWS\system32\dfrgui.dll
2006-04-07 10:40 123,392 C:\WINDOWS\system32\umpnpmgr.dll
2006-04-07 10:40 123,392 C:\WINDOWS\system32\mqrtdep.dll
2006-04-07 10:40 123,392 C:\WINDOWS\system32\mplay32.exe
2006-04-07 10:40 123,392 C:\WINDOWS\system32\input.dll
2006-04-07 10:40 122,880 C:\WINDOWS\system32\glu32.dll
2006-04-07 10:40 121,856 C:\WINDOWS\system32\stobject.dll
2006-04-07 10:40 121,856 C:\WINDOWS\system32\schtasks.exe
2006-04-07 10:40 120,832 C:\WINDOWS\system32\offfilt.dll
2006-04-07 10:40 120,832 C:\WINDOWS\system32\msvfw32.dll
2006-04-07 10:40 120,832 C:\WINDOWS\system32\idq.dll
2006-04-07 10:40 120,320 C:\WINDOWS\system32\ir41_qc.dll
2006-04-07 10:40 12,288 C:\WINDOWS\system32\tracert.exe
2006-04-07 10:40 12,288 C:\WINDOWS\system32\odbcp32r.dll
2006-04-07 10:40 12,288 C:\WINDOWS\system32\netrap.dll
2006-04-07 10:40 12,288 C:\WINDOWS\system32\mstinit.exe
2006-04-07 10:40 12,288 C:\WINDOWS\system32\mscpx32r.dll
2006-04-07 10:40 12,168 C:\WINDOWS\system32\tsddd.dll
2006-04-07 10:40 119,808 C:\WINDOWS\system32\iasrad.dll
2006-04-07 10:40 119,808 C:\WINDOWS\system32\gpresult.exe
2006-04-07 10:40 118,784 C:\WINDOWS\system32\ntmarta.dll
2006-04-07 10:40 118,272 C:\WINDOWS\system32\t2embed.dll
2006-04-07 10:40 118,272 C:\WINDOWS\system32\mdminst.dll
2006-04-07 10:40 117,248 C:\WINDOWS\system32\mqtgsvc.exe
2006-04-07 10:40 116,736 C:\WINDOWS\system32\dpvvox.dll
2006-04-07 10:40 115,712 C:\WINDOWS\system32\mstlsapi.dll
2006-04-07 10:40 115,200 C:\WINDOWS\system32\wmsdmoe.dll
2006-04-07 10:40 114,688 C:\WINDOWS\system32\iexpress.exe
2006-04-07 10:40 114,688 C:\WINDOWS\system32\aclui.dll
2006-04-07 10:40 113,152 C:\WINDOWS\system32\dsuiext.dll
2006-04-07 10:40 112,128 C:\WINDOWS\system32\rastls.dll
2006-04-07 10:40 111,104 C:\WINDOWS\system32\wiavideo.dll
2006-04-07 10:40 111,104 C:\WINDOWS\system32\netdde.exe
2006-04-07 10:40 111,104 C:\WINDOWS\system32\dhcpcsvc.dll
2006-04-07 10:40 111,104 C:\WINDOWS\system32\dgnet.dll
2006-04-07 10:40 110,592 C:\WINDOWS\system32\dbnetlib.dll
2006-04-07 10:40 110,080 C:\WINDOWS\system32\imm32.dll
2006-04-07 10:40 11,776 C:\WINDOWS\system32\xolehlp.dll
2006-04-07 10:40 11,776 C:\WINDOWS\system32\wshrm.dll
2006-04-07 10:40 11,776 C:\WINDOWS\system32\regsvr32.exe
2006-04-07 10:40 11,776 C:\WINDOWS\system32\localui.dll
2006-04-07 10:40 11,264 C:\WINDOWS\system32\msrle32.dll
2006-04-07 10:40 11,264 C:\WINDOWS\system32\icaapi.dll
2006-04-07 10:40 11,264 C:\WINDOWS\system32\autolfn.exe
2006-04-07 10:40 11,264 C:\WINDOWS\system32\atmadm.exe
2006-04-07 10:40 109,568 C:\WINDOWS\system32\progman.exe
2006-04-07 10:40 108,032 C:\WINDOWS\system32\services.exe
2006-04-07 10:40 107,520 C:\WINDOWS\system32\rsnotify.exe
2006-04-07 10:40 107,008 C:\WINDOWS\system32\oleprn.dll
2006-04-07 10:40 106,496 C:\WINDOWS\system32\odbccp32.dll
2006-04-07 10:40 105,984 C:\WINDOWS\system32\sysocmgr.exe
2006-04-07 10:40 105,984 C:\WINDOWS\system32\msoert2.dll
2006-04-07 10:40 105,984 C:\WINDOWS\system32\dmstyle.dll
2006-04-07 10:40 105,472 C:\WINDOWS\system32\polstore.dll
2006-04-07 10:40 104,960 C:\WINDOWS\system32\dfrgntfs.exe
2006-04-07 10:40 104,448 C:\WINDOWS\system32\dmusic.dll
2006-04-07 10:40 103,936 C:\WINDOWS\system32\nlhtml.dll
2006-04-07 10:40 103,424 C:\WINDOWS\system32\dmsynth.dll
2006-04-07 10:40 102,912 C:\WINDOWS\system32\clipbrd.exe
2006-04-07 10:40 102,400 C:\WINDOWS\system32\rcbdyctl.dll
2006-04-07 10:40 101,888 C:\WINDOWS\system32\win32spl.dll
2006-04-07 10:40 101,888 C:\WINDOWS\system32\cscdll.dll
2006-04-07 10:40 101,888 C:\WINDOWS\system32\actxprxy.dll
2006-04-07 10:40 100,352 C:\WINDOWS\system32\6to4svc.dll
2006-04-07 10:40 10,752 C:\WINDOWS\system32\dumprep.exe
2006-04-07 10:40 10,240 C:\WINDOWS\system32\lprhelp.dll
2006-04-07 10:40 1,839,488 C:\WINDOWS\system32\win32k.sys
2006-04-07 10:40 1,708,032 C:\WINDOWS\system32\netshell.dll
2006-04-07 10:40 1,580,544 C:\WINDOWS\system32\sfcfiles.dll
2006-04-07 10:40 1,507,356 C:\WINDOWS\system32\msjet40.dll
2006-04-07 10:40 1,435,648 C:\WINDOWS\system32\query.dll
2006-04-07 10:40 1,428,480 C:\WINDOWS\system32\msvidctl.dll
2006-04-07 10:40 1,392,671 C:\WINDOWS\system32\msvbvm60.dll
2006-04-07 10:40 1,298,432 C:\WINDOWS\system32\dxdiag.exe
2006-04-07 10:40 1,294,336 C:\WINDOWS\system32\dsound3d.dll
2006-04-07 10:40 1,287,168 C:\WINDOWS\system32\quartz.dll
2006-04-07 10:40 1,236,480 C:\WINDOWS\system32\msxml3.dll
2006-04-07 10:40 1,227,264 C:\WINDOWS\system32\dx8vb.dll
2006-04-07 10:40 1,200,128 C:\WINDOWS\system32\ntbackup.exe
2006-04-07 10:40 1,192,960 C:\WINDOWS\system32\mmcndmgr.dll
2006-04-07 10:40 1,179,648 C:\WINDOWS\system32\d3d8.dll
2006-04-07 10:40 1,082,368 C:\WINDOWS\system32\esent.dll
2006-04-07 10:40 1,054,208 C:\WINDOWS\system32\danim.dll
2006-04-07 10:40 1,032,192 C:\WINDOWS\explorer.exe
2006-04-07 10:40 1,028,096 C:\WINDOWS\system32\mfc42.dll
2006-04-07 10:40 1,024,000 C:\WINDOWS\system32\mfc42u.dll
2006-04-07 10:28 176,128 C:\WINDOWS\system32\nvudisp.exe
2006-04-07 10:14 13,536 C:\WINDOWS\system32\spmsg.dll
2006-04-07 10:10 465,176 C:\WINDOWS\system32\wuapi.dll
2006-04-07 10:10 41,240 C:\WINDOWS\system32\wups.dll
2006-04-07 10:10 194,328 C:\WINDOWS\system32\wuaueng1.dll
2006-04-07 10:10 18,200 C:\WINDOWS\system32\wups2.dll
2006-04-07 10:10 172,312 C:\WINDOWS\system32\wuauclt1.exe
2006-04-07 10:10 127,256 C:\WINDOWS\system32\wucltui.dll


((((((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"MSConfig"="C:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\MSConfig.exe /auto"
"{B9-9E-EB-B3-ZN}"="c:\\windows\\system32\\dwdsregt.exe GID003"
"TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"sys01399794509-"="C:\\WINDOWS\\sys01399794509-.exe"
"SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe"
"SoundMan"="SOUNDMAN.EXE"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"NWEReboot"=""
"NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvMcTray.dll,NvTaskbarInit"
"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"MessengerPlus3"="\"C:\\Program Files\\MessengerPlus! 3\\MsgPlus.exe\""
"Logitech Utility"="Logi_MwX.Exe"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"ms039794509-39"="C:\\WINDOWS\\ms039794509-39.exe"
"kzq908f1"="RUNDLL32.EXE w00826ca.dll,n 001908f00000000300826ca"
"w008994b.dll"="RUNDLL32.EXE w008994b.dll,I2 001908f00008994b"
"ms04794509-399"="C:\\WINDOWS\\ms04794509-399.exe"
"Hhl7RfpJ"="\"C:\\WINDOWS\\system32\\ssn6tuu.exe\""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonceex]
"flags"=dword:00000008

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonceex\000]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"LDM"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\BackWeb-8876480.exe"
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"C:\\Program Files\\Common Files\\Ahead\\lib\\NMBgMonitor.exe\""
"PSHope"="\"C:\\Program Files\\PSHope\\PSHope.exe\""

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000000

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="C:\\Program Files\\Messenger\\kycec.html"
"SubscribedURL"=""
"FriendlyName"=""
"Flags"=dword:00002000
"Position"=hex:2c,00,00,00,64,00,00,00,64,00,00,00,58,02,00,00,c8,00,00,00,e8,\
03,00,00,00,00,00,00,00,00,00,00,00,00,00,00,14,00,00,00,14,00,00,00
"CurrentState"=dword:40000001
"OriginalStateInfo"=hex:18,00,00,00,64,00,00,00,64,00,00,00,58,02,00,00,c8,00,\
00,00,01,00,00,00
"RestoredStateInfo"=hex:00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\1]
"Source"="C:\\Program Files\\Windows NT\\hozyzez.html"
"SubscribedURL"=""
"FriendlyName"=""
"Flags"=dword:00002000
"Position"=hex:2c,00,00,00,64,00,00,00,64,00,00,00,58,02,00,00,c8,00,00,00,ea,\
03,00,00,00,00,00,00,00,00,00,00,00,00,00,00,14,00,00,00,14,00,00,00
"CurrentState"=dword:40000001
"OriginalStateInfo"=hex:18,00,00,00,64,00,00,00,64,00,00,00,58,02,00,00,c8,00,\
00,00,01,00,00,00
"RestoredStateInfo"=hex:00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\2]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,e2,03,00,00,ec,\
03,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=dword:40000004
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^qhvsw.exe]
"path"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\qhvsw.exe"
"backup"="C:\\WINDOWS\\pss\\qhvsw.exeCommon Startup"
"location"="Common Startup"
"command"="C:\\Documents and Settings\\All Users\\Start Menu\\Programs\\Startup\\qhvsw.exe"
"item"="qhvsw"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Brad^Start Menu^Programs^Startup^XFX Game Controller.lnk]
"path"="C:\\Documents and Settings\\Brad\\Start Menu\\Programs\\Startup\\XFX Game Controller.lnk"
"backup"="C:\\WINDOWS\\pss\\XFX Game Controller.lnkStartup"
"location"="Startup"
"command"="C:\\Documents and Settings\\Brad\\Application Data\\Microsoft\\Installer\\{C843A6E6-5B4E-4F36-9F1A-10187070D3DA}\\XFXController.exe1_C843A6E65B4E4F369F1A10187070D3DA.exe "
"item"="XFX Game Controller"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Brad^Start Menu^Programs^Startup^Zeno.lnk]
"path"="C:\\Documents and Settings\\Brad\\Start Menu\\Programs\\Startup\\Zeno.lnk"
"backup"="C:\\WINDOWS\\pss\\Zeno.lnkStartup"
"location"="Startup"
"command"="C:\\WINDOWS\\system32\\twinqqez.exe GID003"
"item"="Zeno"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Brad^Start Menu^Programs^Startup^Z_Start.lnk]
"path"="C:\\Documents and Settings\\Brad\\Start Menu\\Programs\\Startup\\Z_Start.lnk"
"backup"="C:\\WINDOWS\\pss\\Z_Start.lnkStartup"
"location"="Startup"
"command"="C:\\WINDOWS\\system32\\prdsregq.exe GID003"
"item"="Z_Start"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SurfSideKick 3]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Ssk"
"hkey"="HKLM"
"command"="C:\\Program Files\\SurfSideKick 3\\Ssk.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TClock.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="tclock_install"
"hkey"="HKCU"
"command"="C:\\Program Files\\TClock\\tclock_install.exe"
"inimapping"="0"

HKEY_LOCAL_MACHINE\system\controlset001\control\safeboot\minimal\vds
HKEY_LOCAL_MACHINE\system\controlset001\control\safeboot\minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}
HKEY_LOCAL_MACHINE\system\controlset003\control\safeboot\minimal\vds
HKEY_LOCAL_MACHINE\system\controlset003\control\safeboot\minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}


Contents of the 'Scheduled Tasks' folder

Completion time: Fri 06/30/2006 19:03:10.92
ComboFix ver 06.07.01 - This logfile is located at C:\ComboFix.txt

ComboFix.2006-06-30.190305.txt


Here's the HijackThis log:
Logfile of HijackThis v1.99.1
Scan saved at 7:05:15 PM, on 6/30/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\sys01399794509-.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\ms039794509-39.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\ms04794509-399.exe
C:\WINDOWS\system32\ssn6tuu.exe
C:\WINDOWS\system32\nr1rnqm8.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Program Files\PSHope\PSHope.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HijackThis 1.99.1\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: Oddbot - {2B896072-F6E3-4FF7-ADE6-43D5BEC6557C} - C:\WINDOWS\system32\nodeipproc.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Yvakt Class - {AE0ECC2F-0C33-494C-8B22-B57A7763027F} - C:\WINDOWS\system32\x3cqp0.dll
O2 - BHO: (no name) - {E5E2A3E7-00FE-4D31-A030-A10799DDCA66} - (no file)
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [{B9-9E-EB-B3-ZN}] c:\windows\system32\dwdsregt.exe GID003
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [sys01399794509-] C:\WINDOWS\sys01399794509-.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ms039794509-39] C:\WINDOWS\ms039794509-39.exe
O4 - HKLM\..\Run: [kzq908f1] RUNDLL32.EXE w00826ca.dll,n 001908f00000000300826ca
O4 - HKLM\..\Run: [w008994b.dll] RUNDLL32.EXE w008994b.dll,I2 001908f00008994b
O4 - HKLM\..\Run: [ms04794509-399] C:\WINDOWS\ms04794509-399.exe
O4 - HKLM\..\Run: [Hhl7RfpJ] "C:\WINDOWS\system32\ssn6tuu.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [PSHope] "C:\Program Files\PSHope\PSHope.exe"
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1144422573946
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B0D5005F-B493-426C-A066-8243F4466A72}: NameServer = 216.114.28.3,64.83.160.45
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Filter: text/html - {DA28E0DB-229C-4003-827E-96AE15AD90FB} - C:\WINDOWS\system32\x3cqp0.dll
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

Thank you SOOO much for your help,
Dober

#6 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:01:07 AM

Posted 01 July 2006 - 12:29 AM

Hello,

Is there any reason why you still didn't install an antivirus and a firewall? Because this really doesn't make any sense otherwise...

It's better to print out the next instructions or save it in notepad, because you also have to work in safe mode without networking support, so this page wouldn't be available then.
It is also important you don't miss a step and perform everything in the right order!!

* Please download the Suspicious File Packer from here:
http://www.safer-networking.org/files/sfp.zip
Unzip it to the desktop and run it.

Paste the following bold part into the Suspicious File Packer window:

C:\WINDOWS\system32\nodeipproc.dll
C:\WINDOWS\bwUnin-6.1.4.61-8876480L.exe


Allow SFP to pack the file. This will generate a CAB archive on your desktop.
Go to this page.
Enter the url of this thread in the first field.
Where it says, browse to the file that you want to submit, click the browse button next to the second field and browse to the CAB archive that was been created on your desktop.
The cab file will be called requested-files[*].cab (the * stands for the date and hour).
Then click the Send File button below.

Please download, install, and update Ewido anti-spyware
  • Load Ewido and then click the Update tab at the top. Under Manual Update click Start update.
  • After the update finishes (the status bar at the bottom will display "Update successful")
  • Close ewido. Do not run it yet.
* Start HijackThis, close all open windows leaving only HijackThis running. Place a check against each of the following:

O2 - BHO: Oddbot - {2B896072-F6E3-4FF7-ADE6-43D5BEC6557C} - C:\WINDOWS\system32\nodeipproc.dll
O2 - BHO: Yvakt Class - {AE0ECC2F-0C33-494C-8B22-B57A7763027F} - C:\WINDOWS\system32\x3cqp0.dll
O2 - BHO: (no name) - {E5E2A3E7-00FE-4D31-A030-A10799DDCA66} - (no file)
O4 - HKLM\..\Run: [{B9-9E-EB-B3-ZN}] c:\windows\system32\dwdsregt.exe GID003
O4 - HKLM\..\Run: [sys01399794509-] C:\WINDOWS\sys01399794509-.exe
O4 - HKLM\..\Run: [ms039794509-39] C:\WINDOWS\ms039794509-39.exe
O4 - HKLM\..\Run: [kzq908f1] RUNDLL32.EXE w00826ca.dll,n 001908f00000000300826ca
O4 - HKLM\..\Run: [w008994b.dll] RUNDLL32.EXE w008994b.dll,I2 001908f00008994b
O4 - HKLM\..\Run: [ms04794509-399] C:\WINDOWS\ms04794509-399.exe
O4 - HKLM\..\Run: [Hhl7RfpJ] "C:\WINDOWS\system32\ssn6tuu.exe"
O4 - HKCU\..\Run: [PSHope] "C:\Program Files\PSHope\PSHope.exe"
O18 - Filter: text/html - {DA28E0DB-229C-4003-827E-96AE15AD90FB} - C:\WINDOWS\system32\x3cqp0.dll


* Click on Fix Checked when finished and exit HijackThis.
Make sure your Internet Explorer is closed when you click Fix Checked!

* Reboot into Safe Mode`: ( without networking support !)
įTo get into the Safe mode as the computer is booting press and hold your "F8 Key". Use your arrow keys to move to "Safe Mode" and press your Enter key.

* Please set your system to show all files.
Click Start.
Open My Computer.
Select the Tools menu and click Folder Options.
Select the View Tab. Under the Hidden files and folders heading, select Show hidden files and folders.
Uncheck: Hide file extensions for known file types
Uncheck the Hide protected operating system files (recommended) option.
Click Yes to confirm.
Click OK.

* Using Windows Explorer, locate the following files/folders, and delete them if still present:

C:\WINDOWS\system32\kzq908f1.sys
C:\Program Files\PSHope <== folder
C:\WINDOWS\srvzbxzfpg.exe
C:\Program Files\Common Files\rmzm <== folder
C:\Program Files\Windows <== folder, contains the file WinUpdate.exe and WinUpdate.fld
C:\WINDOWS\system32\ssn6tuu.exe
C:\WINDOWS\NDNuninstall7_22.exe
C:\WINDOWS\hiilzbrj.exe
C:\WINDOWS\system32\tpuninstall.exe
C:\WINDOWS\system32\nr1rnqm8.exe
C:\WINDOWS\system32\x3cqp0.dll
C:\WINDOWS\system32\ssn6tuu.exe
C:\WINDOWS\ssqbn.exe
C:\WINDOWS\system32\kzq908f1.sys
C:\WINDOWS\system32\kzq908f1.dll
C:\WINDOWS\system32\VSL05.exe
C:\WINDOWS\system32\w00826ca.dll
C:\WINDOWS\system32\uninstIcn.exe
C:\WINDOWS\srvzbxzfpg.exe
C:\WINDOWS\srvgntjiir.exe
C:\WINDOWS\win32099-399794502006.exe
C:\WINDOWS\system32ftuninst.exe
C:\WINDOWS\system32\gbe90qs.exe
C:\WINDOWS\system32\ftuninst.exe
C:\WINDOWS\system32\lsass.dll <== don't try to delete lsass.exe!!
C:\WINDOWS\pf78.exe
C:\WINDOWS\ms0594509-39972006.exe
C:\Program Files\Messenger\kycec.html
C:\Program Files\Windows NT\hozyzez.html
C:\WINDOWS\pss\qhvsw.exeCommon Startup
C:\WINDOWS\pss\Z_Start.lnkStartup

* Go to start > control panel > Display properties > Desktop > Customize Desktop... > Web tab
Uncheck and delete everything you find in there. (except for "My current home page")

* Still in safe mode... * Clean your Cache and Cookies in IE:
  • Close all instances of Outlook Express and Internet Explorer
  • Go to Control Panel > Internet Options > General tab
  • Click the "Delete Cookies" button
  • Next to it, Click the "Delete Files" button
  • When prompted, place a check in: "Delete all offline content", click OK
* Clean your Cache and Cookies in Firefox (In case you also have Firefox installed):
  • Go to Tools > Options.
  • Click Privacy in the menu on the left side of the Options window.
  • Click the Clear button located to the right of each option (History, Cookies, Cache).
  • Click OK to close the Options window
    Alternatively, you can clear all information stored while browsing by clicking Clear All.
    A confirmation dialog box will be shown before clearing the information.
* Clean other Temporary files + Recycle bin
  • Go to start > run and type: cleanmgr and click ok.
  • Let it scan your system for files to remove.
  • Make sure Temporary Files, Temporary Internet Files, and Recycle Bin are the only things checked.
  • Press OK to remove them.
  • Still in Safe Mode, load Ewido and click on the Scanner tab at the top. Click the "Settings" tab and then change the recommended action to Quarantine and click Automatically generate report after every scan. Click back to the "Scan" tab and then click on Complete System Scan. This scan can take quite a while to run, so be prepared.
  • Ewido will list any infections found on the left hand side. When the scan has finished, it will automatically set the recommended action. Click the Apply all actions button. Ewido will display "All actions have been applied" on the right hand side.
  • Click on "Save Report", then "Save Report As". This will create a text file. Make sure you know where to find this file again (like on the Desktop).
  • Close Ewido.
* Reboot your system back to normal mode.

* Open notepad and copy and paste next present in the quotebox below in it:
(don't forget to copy and paste REGEDIT4)

REGEDIT4

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SurfSideKick 3]

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^qhvsw.exe]

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Brad^Start Menu^Programs^Startup^Zeno.lnk]

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Brad^Start Menu^Programs^Startup^Z_Start.lnk]

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TClock.exe]

[-HKEY_CLASSES_ROOT\Fseytdc.Ariaqudok]

[-HKEY_CLASSES_ROOT\Fseytdc.Ariaqudok.1]

[-HKEY_CLASSES_ROOT\Fseytdc.Yvakt]

[-HKEY_CLASSES_ROOT\Fseytdc.Yvakt.1]

[-HKEY_CLASSES_ROOT\CLSID\{5C3E6596-C64F-48E0-AC1E-B9C6EB3A5915}]

[-HKEY_CLASSES_ROOT\CLSID\{624A3CDB-8C0A-4902-8480-191582C8498E}]

[-HKEY_CLASSES_ROOT\Interface\{47F2B86D-82A1-44F5-A78B-136AC5496094}]

[-HKEY_CLASSES_ROOT\TypeLib\{90AFF1EF-C901-4991-8D61-5BEEA455E090}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\treewood]


Save this as fix.reg Choose to save as *all files and place it on your desktop.
It should look like this: Posted Image
Doubleclick on it and when it asks you if you want to merge the contents to the registry, click yes/ok.
In case you still are unsure how to create a reg file, take a look here with screenshots.

* Rescan again with combofix and post the log in your next reply, together the contents of the ewido-log present on your desktop and a new HiJackThis log.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#7 Dober

Dober
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:06:07 PM

Posted 03 July 2006 - 03:14 PM

Alright, the only reason I haven't gotten an antivirus or firewall yet is because I'm trying to use the computer as little as possible untill all viruses/malwares/etc. are gone. Also, I don't know which one of the 3 choices you gave to pick.
Here's the logs:
---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 2:41:48 PM 7/3/2006

+ Scan result:



C:\Program Files\NetMeeting\auxe.exe -> Downloader.Small.ajc : Cleaned with backup (quarantined).
C:\WINDOWS\lt.exe -> Downloader.Small.ajc : Cleaned with backup (quarantined).
C:\WINDOWS\ms04794509-399.exe -> Downloader.VB.tw : Cleaned with backup (quarantined).
C:\WINDOWS\sys01399794509-.exe -> Downloader.VB.tw : Cleaned with backup (quarantined).
C:\WINDOWS\uni_eh.exe -> Trojan.VB.tg : Cleaned with backup (quarantined).
C:\WINDOWS\unin101.exe -> Trojan.VB.tg : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\'Scary Movie 4 [DVDScreener XViD MP3][www bitestrenos com].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\'VA - Club Ibiza 2006 [2CDS] [2006][House][www bitmp3 com].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\(ebook - pdf) mechanical engineering handbook zip.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\-Webroot Spy Sweeper 4 5 9 709 WinALL Regged Retail Version-PiCO 1266334 551.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\AVG Anti-Virus Pro Edition 7 1 495+Full KEY rar.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\About CNET Networks.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Accelerated Battlefield Combatives Training.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Ace Of Base - The Ultimate Collection - 192kbps.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Adobe InDesign CS2 How Tos 100 Essential Techniques - Adobe Press.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Advanced search.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Air America Radio - The Al Franken Show 062806 [mp3].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Air America Radio - The Marc Maron Show 062706 [mp3].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Air America Radio - The Mike Malloy Show 062706 [mp3].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Air America Radio - The Rachel Maddow Show 062806 [mp3].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Air Gear - 11 [1AD13419][FDD-Subs] avi.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\All PopCap Games (Alchemy + Atomica + Bejeweled + Big Money + Dynomite + Mummy Maze + NingPo MahJong.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\All RSS feeds.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\All Software.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\All visual basic 2005 books(2004 , 2005 , 2006 categorized ).zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Armin Van Buuren Presents - A State Of Trance Episode 255 (Ripped By SuperJ).zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Basic Instinct 2 UNRATED DVDRip XviD-LMG [www torrentfive com].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Blade The Series S01E01 DSR XviD-ORENJi [eztv].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Blue Collar Tv S02E09 PDTV XviD-LOL [eztv].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Browse categories.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Building Flash Web Sites For Dummies.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\CNET Channel.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\CNET Download.com.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\CNET News.com.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\CNET Reviews.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\CNET Shopper.com.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Christina s502.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Compare Prices.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Copyright policy.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\DBZ XMEN crossover comics zip.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\DCP 6-29-06.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\DJ Envy &amp; Tapemasters Inc. - Purple Codeine #7_MeTH_MixFiend.com_2006.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\DJ Envy - Down &amp; Dirty R&amp;B #9_MeTH_MixFiend.com_2006.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\DJ Envy - The Hitlist #19_MeTH_MixFiend.com_2006.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\DVD SHRINK 3.2 - ImgBurn &amp; CopyToDvD Edition.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Dashboard Confessional - Dusk And Summer [2006].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\David DeAngelo 13 Ebooks - Double Your Dating, Sex Secrets....zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Death Note Manga Completed =Demonoid com=.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Devil May Cry 3 Special Edition-RELOADED (bt-gm EFnet ).zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Discovery Channel Forensic Detectives Tainted Trust PDTV XviD-AERiAL [eztv].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Discovery Science Rides Fast Forward Fast Back PDTV XviD-AERiAL [eztv].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Discovery Science Understanding Gizmos And Widgets PDTV XviD-AERiAL [eztv].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Doctor Who - Fury From The Deep BBC Radio Collection.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Doctor Who - Invasion BBC Radio Collection.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Dog Bites Man S01E04 DSR XviD-UMD [eztv].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Donna Summer - Gold [2005] [2CD+Covers]192Kbps.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Easyriders Magazine - May 2006 pdf file.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Extreme Tech Hacking Windows XP - [www slotorrent net].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FIFA 06 demo .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FIFA 2000 demo .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FIFA 2000 patch .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FIFA 2001 Major League Soccer demo .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FIFA 99 demo .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FIFA Fair Play Screensaver .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FIFA Soccer 2004 World League mod .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FIFA Soccer 2004 demo .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FIFA Soccer 2005 demo .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FIFA Soccer 97 demo .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FIFA World Cup Screensaver .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FIJInet 1.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FIM Family Information Manager 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FITS Imager 2000 1.22.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FL Studio 5.01.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FULL WINDOWS CRACK GEN(all windows versions) rar.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FiLO XP Standard 5.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FieldBridge 2.5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fields and Rivers Screensaver 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fifteen 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fifteens 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fight Terror 2.01.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FightAIDS@Home 3.3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FightAds 3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fighter Ace 3.82.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fighter Ace II .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fighter Jets Screensaver 2.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fighting Steel demo .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fighting UFO 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FilZip 3.04.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Filch 3.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Access Manager 3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Ace 1.02 build 0012.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Alert Monitor 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Append and Split Tool 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Archive Manager 1.0r.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Association Manager 2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Audio Processor 4.1.3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Backup Pro 3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Backup Watcher 2.7.6R1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Backup Watcher Lite Edition 2.7.3R2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Backup Watcher Professional 2.7.7R1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Beamer 0.1.5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Blast 1.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Boss 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Chopper 3.6.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Comparator 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Compare & Folder Synchronization Software 6.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Conversion Wizard for Word and Excel 1.04.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Converter 2.0.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Deleter 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Downloader 1.07.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Editor 2000 3.7.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Encryption XP 1.5.74.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Express 3.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Extension Lookup 1.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Finder 1.0.0.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Folder Organizer - EX 3.1.3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File History Service 1.5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Investigator 2.06.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Jor Tor 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File King 2004.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Listing Maker 1.10 build 20060215#9.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Lock 6.1.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Lock DLL Device Driver 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Locker 5.5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Manager 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Manager 7.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Marshal 1.06.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Maven Pro 2.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Monster 2.6.7.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Name Converter 3.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Notes Organizer 3.5.1.4.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Own Guard 2.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Preserver 2.1.0.8.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Properties Changer 1.02.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Properties Editor 1.9.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Protector 2001 Special Edition 2.05b.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Re-Organizer 1.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Recover 5.0.1.15.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Renamer 2.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Renamer 2005 4.0 builld 12.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Renamer 3.1.0.22.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Renamer Basic 2.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Renaming Tool 1.0.2.3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Rescue Plus 3.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File RoundUp 2.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Rules 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Scavenger 3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Search for LAN 1.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Securer 3.93.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Security Manager 1.7.5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Sequencer 0.6.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Shredder 2000 4.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Shredder Pro 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Sitter 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Smile 4.0.50.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Sort 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Sorting Utility 1.25.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Spanning 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Spliter 1.0.0.8.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Splitter 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Splitter 4.5a.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Splitter Deluxe 3.4.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Splitter Utility v1.00.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Splitz 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Stitcher 1.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Substring Replacement Utility 10.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Synchronizer 2.0.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File System Watcher 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Tools 1.01.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Tree Printer 3.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Trimmer 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Uploader 1.09.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Uploader 1.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Viewer 1.00.01.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Viewer 5.01.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Waster 5.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Wipe 2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File Wrench 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File and Folder Protector 2.5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File and MP3 Renamer 2005 5.11.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File and MP3 Tag Renamer 2.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File, Print FedEx Kinko's 2.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File-Ease 1.05.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File-Ex (16-bit) 2.11.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File-Ex 3.0.0.24.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File1 Simple Shop 1.5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File2Pack 2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File2Pack SFX 2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\File4ward.exe 3.1.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileAmigo LE 7.2 build 165.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileAnnounce 1.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileAnt 20050615.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileAround Image Server Plus 2.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileAssurity OpenPGP 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileAudit 2.41.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileBack PC 4 10-May-2006.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileBanc Pro 5.1.0.4.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileBarricader 2004 1.4.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileBoss 1.4.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileBox 3.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileBox eXtender 1.80.03.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileCOPA 1.01.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileCOPA FTP Server 1.01.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileCenter 2.0.4.2222.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileCheckMD5 0.2.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileChute 1.7.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileCommander 4.5.3.36.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileCopier 1.0.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileCourier 1.51.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileCroc 1.0.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileCrypt Desktop 1.6.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileCrypt Desktop Pro 1.6.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileCrypt eBusiness 3.5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileDate Changer 1.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileDog 1.0.6.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileExt 4.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileFilter Shell Extension 2.1.9.4.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileFox 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileGeek 4.0.5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileGhost 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileGuard 2.3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileHelpers Library 1.4.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileInfo 2.9.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileLink 2.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileList Manager 1.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileLister 1.02.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileMaid 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileMaker 7 AppleScript Reference 2.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileMaker Key 6.5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileMaker Password Recovery 1.0a.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileMaker Pro for Mac 8.0v1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileMaker Pro for Windows 8.0v1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileMaker Skype Plug-in 1.0.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileMakerRecovery 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileMan 3.05.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileMap 4.0.4.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileMed 4 revision 11.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileMonkey 10.22.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileNX 1.2.3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileNameFixer 0.9.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileOwner 2005 2.2.09.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FilePC 2.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FilePackager Professional 4.1 (6206).zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FilePacker 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FilePad 1.2.0.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FilePreviewer 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FilePush 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileRecover2005 2005.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileRecovery Professional 3.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileRecoveryAngel 1.13.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileReplacer 1.0.1515.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileSalvage 4.2.3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileScan 2.0.4.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileScan Tool Pro 6.1.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileScan Tool Pro Lite 1.2 build 2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileScout 2.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileSee 5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileShaper 1.0.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileSplit 2.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileSplit 2.33 build 420.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileSplitter 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileSpy 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileSpy 3.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileSpy NT 2.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileStorm 1.7.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileSync 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileSync 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileTiger 1.32.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileToMail (Pro) 2.1b.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileTorment 2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileUtils 2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileVan 5.04.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileVan FTP 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileVan for DOS 2.60.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileVault 3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileVis 2.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileXchange Manager 1.02.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileZ 5.3.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FileZilla 2.2.22.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Filehand Search 2.1 build 351.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Filehunter 3.4.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Filemanag 3.01.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Filename Corrector 1.03.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Filename Extractor 1.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Filename Magic Pro 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Filerecovery for Windows 3.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Files Compare Tool 2.7.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Files Search Assistant 1.2.5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Files Warder 1.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Files2Move-for-Outlook 1.0.11.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FilesOnTheGo 1.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Filetopia 3.04d.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Filext Extension Utility 2.11.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Filezilla Password Decoder 1.03.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Filipino Foxes Screensaver 3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fill-In Design Express 3.2.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FillCD 3.0.3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FillOut 2.0.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FillOutAForm 2.7.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FillToy 1.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fillable Auto-Calculating Federal and State PDF Forms 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Filler 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Film Tracker 3.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FilmEasyDevelop 2.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FilmLoop 1.1.0.70.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Filmmanager 3.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Filmshelf 1.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Filseclab Internet Guardian Angel 3.6.4.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Filseclab Internet Guardian Angel Update Package 3.6.0.46.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Filseclab Personal Firewall Professional Edition 3.0.0.16.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FilterGate 5.21.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FilterGate Free PopupFilter 5.21.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FilterPro 1.03.3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FiltersCAD 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FinKit 2.6.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Final Cut Pro Forum Search 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Final Cut Pro Update 3.0.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Final Cut Pro Update 4.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Final Drive Nitro .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Final Drive Nitro 2005.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Final Duel 2 - Deathmatch Arena 1.05.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Final Effects Complete 4.02.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Final Excuse Pro 1.3.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Final Fantasy VII XP Patch 1.3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Final Fantasy VII demo .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Final Furlong 1.06.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Final Liberation demo .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Final Quake III Arena demo .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Final Stand 4 The Key 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FinalBuilder 3.1.0.111.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FinalData Premium 2.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FinalRecovery 1.4.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FinalRecovery 2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FinanCalc for Excel 1.6.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Finance Calculator 1.5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FinancePro 2.9.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Financial Advisor 2.6.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Financial Advisor for Excel (Full Access Version) 2.3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Financial Calculator (Smartphone) 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Financial Calculators 1.1.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Financial Planner (Personal) 2.6.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Finch Color Manager 1.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FinchTV 1.4.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Find 2.01.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Find Desktop Standard 1.74.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Find Error Description 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Find Every File 3.4.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Find Junk Files 3.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Find My Credit Card 2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Find Password Protected Documents 3.0.192.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Find Protected 2.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Find and Run 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Find and Run Robot 1.5.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Find it 1.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FindFlash 1.6.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FindForum 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FindGraph 1.555.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FindInFilesX Professional 1.61.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FindIt 2.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FindReplaceExcel 1.0.5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Findat 2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Finddouble 1.4.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Finder 2.0.4.8.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Finder View Settings 1.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Finder Window Manager 1.8.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Finder's Friend 1.5.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Finders Keepers 2.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Findictionary 0.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FindinSite-CD 6.01.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FindinSite-JS 6.02.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FindinSite-MS 1.18.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Finding Neverland .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Finding Neverland Trailer .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Findit Quick Toolbar 2.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fine Arts Toolbox 3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fine Arts Visions 2006 Desktop Calendar 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fine Metronome 1.5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FineBrowser Freeware 3.2.24.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FineBrowser Professional 3.2.22.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FineCount 1.4.1.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FineCrypt 9.1 build 2184.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FineTable 1.4.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Finger 1.9.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Finger Dial 2.5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FingerPaint 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fingerprint Recognition System 5.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fingerprints 1.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fingertime Sudoku 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Finity Flight 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Finlay's Fathoms demo .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fire & EMS Screensaver 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fire 1.5.6.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fire Captain Bay Area Inferno demo.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fire Fight demo 1.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fire Fighter III Study Helper Code II 4.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FireAnt 1.0.1.72.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FireDaemon 1.9 GA build 2196.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FireFTP 0.94.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FireFTP 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FireFly 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FireFly Voice Command Browser 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FireFox Okapiland Plugin 2.3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FireFox Okapiland Search Toolbar 2.4.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FireLiner 3.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FireMagic 2.5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FireMan 1.3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FireNotes 0.5.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FirePaint 2006 2.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FirePanel XP 2.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FireStarter Helpdesk 2.31.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FireStormDAO 2.3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FireTune for Firefox 1.1.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FireWire IIDC Camera Driver 1.0.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fireball for Symbian Series 60 devices 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and

#8 Dober

Dober
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:06:07 PM

Posted 03 July 2006 - 03:17 PM

C:\Documents and Settings\Brad\Complete\Firefight 3.0b.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Firefly 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Firefly 1.02.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Firefly Living Desktop 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Firefox Extension WhatDoesThatMean.com 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Firefox Showcase 0.5.8.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FirefoxIE Web Browser 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Firegraphic 8.5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Firehand Ember 7.2.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Firehand Lightning Free 5.0.8.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Firemail 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fireman's Adventures 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Firemen Bounce 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Firemonger 1.5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Firepad Picture Viewer 6.4.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fireplace (active) 1.0 build 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fireplace 3D Screensaver 1.0 build 2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Firespawn 1.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Firestarter demo .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Firestorm Plus 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Firestreamer 1.4.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Firestreamer-RM 2.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Firetrust Encrypt 1.1D.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Firewall 2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Firewall Builder 2.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fireworks .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fireworks 2 .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fireworks MX 2004 Updater 7.0.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fireworks Screensaver 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fireworks Simulation Engine 2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FirmTools Album Creator Basic 3.5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FirmTools Clouds Screensaver 2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FirmTools Hexis 1.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FirmTools PanoramaComposer 2.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FirmTools ShellExtension 2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\First Aid 2000 .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\First Aid Guide 1.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\First Aid Guide for Palm OS 1.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\First Aid Guide for Symbian Series 60 1.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\First Christmas Screensaver 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\First Daughter Trailer .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\First Diagramming 1.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\First Easy Accounting 5.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\First Name Almanac Professional 11.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\First Name Origins 5.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\First Names 2006 5.0.0.4.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\First Page 2006 3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\First Star Online 2 1.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\First Star Online Stratics 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\First Steps to Immediate Cash - Free eBook 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\First Submit 1.5.1.7.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FirstClass Client (OS X) 7.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FirstClass Client 7.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FirstDraw 2.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FirstSpot 3.0.4.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FirstStop WebSearch Deluxe Edition 4.21.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FirstStop WebSearch Standard Edition 4.21.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FirstWare Assistant 2004 3.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fiscality Financial System 2003.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fischerspooner Emerge Music Video .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fischerspooner Sweetness Music Video .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fish Aquarium 3D Screensaver 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fish Passion 2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fish Tales 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fish Tycoon (Windows) 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fish Tycoon 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fish Tycoon 1.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FishInSight Professional 3.5.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FisherFaces for Face Matching 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fisherman's Wharf 3D Screensaver 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fishing Calendar 1.42.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fishing Expert 4.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fishing Log Pro 2.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fishing Season 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fission Media Player 1.7.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fit Kit 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fit to List 2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fit@work 3D 1.9.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FitWorkout 2.5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FitalyLetris 1.01.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fitness Assistant 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fitness Calculators 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fitness Tools 4.5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FitnessBliss 2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FitnessPlus 4.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FitnessTool 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FitnessTracker Pro 1.0.3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FitnessWatch 1.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fitznik 1.2.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Five Arnolds 1.5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Five Card Deluxe .zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Five Card Frenzy 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Five Cellular Automata 6.12d.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Five Essential Essays - Prabandha Panchakam 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Five Star PopUp Blocker 1.6.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Five of the Kind 1.3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Five+ 2.72.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fix My Ebooks 2.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fix My Registry 2.01.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fix Registry Errors 3.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fix Shortcut To Desktop 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FixLinks 2.01.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FixRegistryError 2.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FixTunes 1.3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FixWindowsUpdate 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fixed It Baseball Scorebook 2.4.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fixed It Basketball ScoreBook 2.1a.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fizzle 0.4.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FlaPops 2.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Flag 3D Photo Screensaver 1 build 2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Flags of North America 0.8.2621.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Flags of the World 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FlagsDemo 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Flajector 2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FlameOut 1.0.1.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Flameball 2.7.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Flamin HTML Builder 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Flaming CD Burner 1.8.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FlamingWall Personal Firewall 1.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Flamingo 2.42a.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Flamingos 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Flanger FL-ii 2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Flanker demo 2.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Flaredance Firework Screensaver 1.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Flash 'n Bingo 1.4.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Flash 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Flash 2 Screensaver 2.1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Flash Album Creator 1.54.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Flash CD & DVD Burner 2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Flash Capture 1.2.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Flash Card Manager 2.0.5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Flash Cards For Learning 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Flash Catcher 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Flash Catcher 2.5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Flash Clock ScreenSaver FL.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Flash Compiler & Decompiler 0.91.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\FlashFXP v3 4 0 1140-DVT.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Flat Out 2 PAL XBOX LCS.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Flat Out 2 PAL XBOX-LCS.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\For Woman 3 rar.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Free MP3s.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Fx Audio Video Editor Joiner Splitter Suite MPEG Writer Magic Music Movie.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Garfield A Tail Of Two KittiesCAM VCD-PreVail[www revolutiontt org].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Ghost Rider (2007) Trailer H1080p mov.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Global Perspectives - 100 HQ JPG 300 dpi - 3156x3156.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Goldberg - Bias - A CBS Insider Exposes How the Media Distort the News (2003) pdf.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Hacker New Magazine N&deg;10 F&eacute;vrier Mars 2006 PDF FRENCH eBooK-LuXuRe rar.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Hacker New Magazine N&deg;11 Avril Mai 2006 PDF FRENCH eBooK-LuXuRe rar.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Hacking hotmail and other info.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Head First - Design Patterns pdf.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Help Center.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Holy Blood Holy Grail (Audiobook).zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\How to advertise.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Howard Stern CF 6-28-2006 56k + Wrap Up Show.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Huge Storm Collection Screensaver.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\IRC chat.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\IRC-Galleria LEAKED COMMERCIAL-nZYME [fixed] avi.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\International media.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Internet Explorer 7 BETA3+key rar.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\InuYasha - 152 - Protect and Plunder! [C-W] (HQ).zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Its Always Sunny In Philadelphia S02E01-E02 DSR XviD-UMD [eztv].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Joe Cocker - The Essential [1995][Inc Covers]192Kbps.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Jon Rappoport - The Paranormal - C2CAM April 4th 2004.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Jon Rappoport - The Secret Behind Secret Societies Ebook 2004.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Juiced Eliminator [USA][English][PSP][www newpct com].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Keith Jarrett Trio - Live at the Blue Note Complete - jazz.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Korn - Ultimate Discography 9 Albums + 1 Bonus Album-sHrEDDeR.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Kyle XY S01E01 REPACK DSR XviD-UMD [eztv].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\L'Esquipe du 29 juin 06.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Le MondePDF290606 zip.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Learnkey - CISSP [myBittorrent].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Lynda com - Podcasting with GarageBand 3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Menina de brazilian.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Micro Hebdo 427 fr rar.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Micro Machines V4 USA PS2CD-STRiKE.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Micro Machines V4 [USA-NTSC][English][PS2CD][www newpct com].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Micro Machines v4 (EUR) PSP loads with Devhook (included).zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\MicroMachines V4 EUR PROPER (WORKING) LiMiTEPSP.COM.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Most Haunted S08E01 Michelham Priory PDTV XviD-SSTV [eztv].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\NOW 64 (Pre-release)www.factorforums.co.uk.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Naruto 313 MQ Binktopia rar.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Native Instruments Kontakt v2 1 1 001 Incl KeyGen.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\OpenGL Shading Language 2nd Edition (Orange Book) 2006.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Ozzy Osbourne - Price Of Darkness Boxset + Secret Songs Box.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\PS2DVD - Full Spectrum Warrior Ten Hammers [PAL] [Multi4] [www GamesTorrents com].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\PS2DVD - Pirates of the Carribean 2 The Legend of Jack Sparrow [USA] [www GamesTorrents com].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Partnership opportunities.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Pepper Dennis S01E12 HDTV XviD-LOL [eztv].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Photoshop Brush Pack Collection 4 [65+].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Pimp My Ride S05E03 DSR XviD-UMD [eztv].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Pirates of the Carribean 2 The Legend of Jack Sparrow USA PS2DVD-PROTOCOL.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Pocket-DVD Studio 3.6 Build 01.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Portable Nero 7 2 0 3b - [www slotorrent net].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Poseidon (2006) ZN TELECiNE KvCD by Hockney(TUS Release).zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Pragmatic Bookshelf Pragmatic Ajax A Web 2 0 Primer Apr 2006 eBook-BBL.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Privacy policy.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Ps2 Ssx Trick Ntsc FullCd UpLoader Afro By [wWw PlayStationPlanet OrG].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Ps2 Swords Of Destiny Pal Multi3 Eng Fre Spa FullDvdRebuilded UpLoader Afro By [wWw PlayStationPlane.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Release 1.0.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Runs House S02E03 DSR XviD-UMD [eztv].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\SNK Playmore E3 2006 Games.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Scary Movie 4 2006 DVDSCR XviD SWESUB-SWEpneT.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Scary Movie 4 DVDSCR XVID-DANK [www torrentfive com].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Scorpions - Very Best Of [2002][CD+2Vids+Covers]192Kbps.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Se&ntilde;or Coconut And His Orchestra - Yellow Fever! [2006].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Search Cloud.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Serial Cracker.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Sexy Babes Desktops Stripper + 21 models.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Show all of today &rarr;.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Soft Cell - The Very Best Of [2002][CD+Vid+Covers]192Kbps.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\South American Pie 3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Spider-Man 3 (2007) Trailer H1080p mov.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Spyware Doctor 3 8 Pro+ key generator rar.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Spyware Removal.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Street Fighter 2 Victory Full Episodes 1 - 29 Excelent Qualitty.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Submit Software.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Sugar Rush S02E04 WS PDTV XviD-RiVER [eztv].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Superman - Up, Up and Away (2006).zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Superman Returns- Prequel 1-3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Superman returns 2006 movie-[Demonoid com].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Superman.Returns.CAM.XVIDCAM XviD SamPle [MusicFileShare.net].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\SupermanReturns CAM XVID [MusicFileShare net].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Sweet And Petite XviD [MusicFileShare.net].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\THE BEST OF THE HOUSEMARTINS.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\TV Shows.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Terms of use.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\The Colbert Report 06.28.06 (DSRip-DIMENSION)[VTV].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\The Colbert Report 06.29.06 (DSRip-DIMENSION)[VTV].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\The Daily Show 06.28.06 (DSRip-UMD)[VTV].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\The Daily Show 06.29.06 (DSRip-DIMENSION)[VTV].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\The Fast And The Furious Tokyo Drift XViD.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\The Hills S01E05 WS DSR XviD-UMD [eztv].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\The Omen iNTERNAL TC XviD-ASTEROiDS avi.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\The Teacher XviD [MusicFileShare.net].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\The Vibrating Maid 2000 DvdRip XviD-PiMpRiPPaZ avi.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Thin Lizzy - Greatest Hits [2004][2CD + Covers]192Kbps.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Tiffany Walker - 1st anal.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Tiny asian gets her tight pussy mounted-asian-divas-1-scene3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Today on CNET.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Touring Romania (Shu Ting) zip.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\UFO NWO Bill Deagle.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Upload a torrent.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Video Convert Master.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Waist Deep 2006 CAM XViD-SubAtom [www torrentfive com].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\We Are England - NEW World Cup anthem from the B N P .wma.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Webroot SpySweeper v4 5 9 709 with keygen and updater151.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\West - Serpent in the Sky - The High Wisdom of Ancient Egypt (1993) pdf.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Wildlife Park 2 SFClone-UnleashedBRANDNEW + WEBSEED.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Windfall S01E04 HDTV XviD-LOL [eztv].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Windows Defender Beta 2 - No WGA Check.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Windows Vista 5456 Activator rar.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\Windows XP Pro VLK SP2 FR Original rar [keznews net].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\World Of Warcraft GAME GUiDE pdf.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\World Poker Tour S04E18 Bad Boys of Poker II DSR XviD-TBS [eztv].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\X-Men Cartoon Complete Seasons 1-5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\ZESTAW DDGIRLS COM ( JPG -1600 X 1055-1024 X 683-119SZTUK).zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\[Ayu] The Third - Aoi Hitomi no Shoujo - 06 [A330FAB2] avi.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\[Bakakozou - Conclave]Witchblade - 05[H264][5E4DA10C] mkv.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\[DB] Naruto 191 [E7923CB9] avi.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\[Megami] ZegaPain - 09 [269B1A66] mp4.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\[Mishicorp] xxxHOLIC 12 [118 8MB] 259EFA61 avi.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\[Nipponsei] Witchblade ED Single - Ableepa no te [Noto Mamiko] zip.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\[Nipponsei] dot hack Roots Original Soundtrack zip.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\[Oyasumi] TOKKO 08 [6823E30E] mkv.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\[PSP] Gitaroo Man Live [JAP] - [www ESPALPSP com] rar.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\[PSP] MicroMachines v4 [EUR] - [www ESPALPSP com] rar.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\[SRN]Strawberry Panic 13 [CACB579D].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\[S^M] Naruto 191 RAW avi.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\[Your-Mom] School Rumble 2nd - 12 [848E37C3] avi.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\[aarinfantasy-KissSub] Princess Princess - 11 [623E2C33] avi.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\[multimedia ebook - ITA] Sapori di Sardegna - guida alla cucina sarda [tntvillage org].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\[zw] dot Hack Roots 13 (704x400 XviD Vorbis) [4F724E99] mkv.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\fileWATCH 5.01.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\fileXfer 1.5.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\girl brazilian jpg.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\mega fight wmv.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\sexy pics.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\sting-the best of (fields of gold).zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\vista activation! rar.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Brad\Complete\www ubb to The Legend of Jack Sparrow USA PS2DVD-PROTOCOL.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).


::Report end



Logfile of HijackThis v1.99.1
Scan saved at 3:02:43 PM, on 7/3/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\win32064509-39979.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe
C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HijackThis 1.99.1\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Yvakt Class - {AE0ECC2F-0C33-494C-8B22-B57A7763027F} - C:\WINDOWS\system32\x3cqp0.dll (file missing)
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [win32064509-39979] C:\WINDOWS\win32064509-39979.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [TClock.exe] C:\Program Files\TClock\tclock_install.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1144422573946
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B0D5005F-B493-426C-A066-8243F4466A72}: NameServer = 216.114.28.3,64.83.160.45
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

#9 Dober

Dober
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:06:07 PM

Posted 03 July 2006 - 03:18 PM

Start Time= Mon 07/03/2006 14:57:25.78
Running from: C:\Documents and Settings\Brad\Desktop

QuickScan did not find any signs of infected files

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2006-07-03 13:59:46 0 ( A.... ) "C:\Documents and Settings\Brad\Application Data\internaldb41.dat"
2006-07-03 13:13:34 ( .D... ) "C:\Program Files\ewido anti-spyware 4.0"
2006-07-03 12:40:00 143360 ( A.... ) "C:\WINDOWS\win32064509-39979.exe"
2006-07-03 12:39:16 0 ( A.... ) "C:\WINDOWS\win32064509-399792006.exe"
2006-07-03 12:39:16 0 ( A.... ) "C:\WINDOWS\ms04794509-3992006.exe"
2006-06-28 20:26:44 ( .D... ) "C:\Program Files\InterMute"
2006-06-28 17:36:32 8464 ( A.... ) "C:\WINDOWS\system32\sporder.dll"
2006-06-28 17:33:10 ( .D... ) "C:\Program Files\Common Files\T?sks"
2006-06-27 22:11:16 ( .D... ) "C:\Program Files\HijackThis 1.99.1"
2006-06-27 20:41:56 ( .D... ) "C:\Documents and Settings\Brad\Application Data\Lavasoft"
2006-06-27 20:41:52 ( .D... ) "C:\Program Files\Lavasoft"
2006-06-27 20:24:00 0 ( A.... ) "C:\WINDOWS\win32099-399794502006.exe"
2006-06-27 12:46:32 ( .D... ) "C:\Documents and Settings\Brad\Application Data\Sun"
2006-06-21 16:51:30 ( .D... ) "C:\Program Files\Java"
2006-06-21 16:40:30 ( .D... ) "C:\Program Files\Common Files\Java"
2006-06-21 16:39:58 ( .D... ) "C:\Program Files\LimeWire"
2006-06-16 16:48:56 ( .D... ) "C:\Program Files\Common Files\xing shared"
2006-06-16 16:48:54 176167 ( A.... ) "C:\WINDOWS\system32\rmoc3260.dll"
2006-06-16 16:48:52 278528 ( A.... ) "C:\WINDOWS\system32\pncrt.dll"
2006-06-16 16:48:52 6656 ( A.... ) "C:\WINDOWS\system32\pndx5016.dll"
2006-06-16 16:48:52 5632 ( A.... ) "C:\WINDOWS\system32\pndx5032.dll"
2006-06-16 16:48:52 ( .D... ) "C:\Program Files\Real"
2006-06-16 16:48:52 ( .D... ) "C:\Program Files\Common Files\Real"
2006-06-16 16:48:34 ( .D... ) "C:\Documents and Settings\Brad\Application Data\Real"
2006-06-09 18:47:20 ( .D... ) "C:\Program Files\eXeem"
2006-06-09 18:39:16 ( .D... ) "C:\Program Files\Alcohol Soft"
2006-06-09 18:33:42 284 ( A.... ) "C:\Documents and Settings\Brad\Application Data\ViewerApp.dat"
2006-06-09 18:01:26 50 ( A.... ) "C:\AUTOEXEC.BAT"
2006-06-09 18:00:48 ( .D... ) "C:\Program Files\PIXELA"
2006-06-09 17:58:04 ( .D... ) "C:\Program Files\Common Files\muvee Technologies"
2006-06-09 17:58:02 ( .D... ) "C:\Program Files\Sony Corporation"
2006-06-08 18:19:52 5967776 ( A.... ) "C:\WINDOWS\system32\MRT.exe"
2006-06-07 11:18:12 126976 ( A.... ) "C:\WINDOWS\War3Unin.exe"
2006-06-07 11:15:02 ( .D... ) "C:\Program Files\Warcraft III"
2006-06-01 13:47:08 163840 ( A.... ) "C:\WINDOWS\system32\jgdw400.dll"
2006-06-01 13:47:08 27648 ( A.... ) "C:\WINDOWS\system32\jgpl400.dll"
2006-05-30 18:09:20 24576 ( A.... ) "C:\WINDOWS\Uninstall.exe"
2006-05-29 10:30:34 1494016 ( A.... ) "C:\WINDOWS\system32\shdocvw.dll"
2006-05-19 10:08:32 3052544 ( A.... ) "C:\WINDOWS\system32\mshtml.dll"
2006-05-18 00:24:26 450560 ( A.... ) "C:\WINDOWS\system32\jscript.dll"
2006-05-16 03:38:40 499712 ( A.... ) "C:\WINDOWS\system32\msvcp71.dll"
2006-05-16 03:38:40 348160 ( A.... ) "C:\WINDOWS\system32\msvcr71.dll"
2006-05-15 15:41:50 ( .D... ) "C:\Program Files\Mediafour"
2006-05-14 12:34:06 81920 ( ....R ) "C:\WINDOWS\bwUnin-6.1.4.61-8876480L.exe"
2006-05-14 12:22:18 ( .D... ) "C:\Program Files\Common Files\Logitech"
2006-05-14 12:22:16 ( .D... ) "C:\Program Files\Logitech"
2006-05-14 03:44:08 181248 ( A.... ) "C:\WINDOWS\system32\rasmans.dll"
2006-05-13 13:57:54 ( .D... ) "C:\Documents and Settings\Brad\Application Data\Ahead"
2006-05-13 13:56:04 ( .D... ) "C:\Program Files\Nero"
2006-05-13 13:56:04 ( .D... ) "C:\Program Files\Common Files\Ahead"
2006-05-11 03:23:24 24576 ( A.... ) "C:\WINDOWS\system32\xpsp3res.dll"
2006-05-10 17:16:14 43520 ( A.... ) "C:\WINDOWS\system32\CmdLineExt03.dll"
2006-05-10 00:23:04 658432 ( A.... ) "C:\WINDOWS\system32\wininet.dll"
2006-05-10 00:23:02 613888 ( A.... ) "C:\WINDOWS\system32\urlmon.dll"
2006-05-10 00:23:02 532480 ( A.... ) "C:\WINDOWS\system32\mstime.dll"
2006-05-10 00:23:02 474112 ( A.... ) "C:\WINDOWS\system32\shlwapi.dll"
2006-05-10 00:23:02 448512 ( A.... ) "C:\WINDOWS\system32\mshtmled.dll"
2006-05-10 00:23:02 146432 ( A.... ) "C:\WINDOWS\system32\msrating.dll"
2006-05-10 00:23:02 39424 ( A.... ) "C:\WINDOWS\system32\pngfilt.dll"
2006-05-10 00:23:00 1054208 ( A.... ) "C:\WINDOWS\system32\danim.dll"
2006-05-10 00:23:00 1022976 ( A.... ) "C:\WINDOWS\system32\browseui.dll"
2006-05-10 00:23:00 357888 ( A.... ) "C:\WINDOWS\system32\dxtmsft.dll"
2006-05-10 00:23:00 251392 ( A.... ) "C:\WINDOWS\system32\iepeers.dll"
2006-05-10 00:23:00 205312 ( A.... ) "C:\WINDOWS\system32\dxtrans.dll"
2006-05-10 00:23:00 151040 ( A.... ) "C:\WINDOWS\system32\cdfview.dll"
2006-05-10 00:23:00 96256 ( A.... ) "C:\WINDOWS\system32\inseng.dll"
2006-05-10 00:23:00 55808 ( ..... ) "C:\WINDOWS\system32\extmgr.dll"
2006-05-10 00:23:00 16384 ( A.... ) "C:\WINDOWS\system32\jsproxy.dll"
2006-05-08 22:27:36 ( .D... ) "C:\Program Files\QuickTime"
2006-05-04 20:48:18 1682 ( A.SH. ) "C:\WINDOWS\system32\KGyGaAvL.sys"
2006-05-04 20:48:18 56 ( ..SHR ) "C:\WINDOWS\system32\0DC1A8A69D.sys"
2006-05-04 20:48:16 ( .D... ) "C:\Program Files\DivX"
2006-05-04 16:29:50 ( .D... ) "C:\Program Files\Spybot - Search & Destroy"
2006-05-04 16:06:06 47564 ( A.... ) "C:\ntdetect.com"
2006-04-29 06:07:48 5533696 ( A.... ) "C:\WINDOWS\system32\wmp.dll"
2006-04-16 22:35:20 60416 ( A.... ) "C:\WINDOWS\ALCFDRTM.EXE"
2006-04-10 13:00:34 555824 ( ..... ) "C:\WINDOWS\system32\LegitCheckControl.dll"
2006-04-10 13:00:30 144688 ( ..... ) "C:\WINDOWS\system32\WgaLogon.dll"
2006-04-10 13:00:28 186672 ( ..... ) "C:\WINDOWS\system32\WgaTray.exe"
2006-04-07 18:43:56 107134 ( A.... ) "C:\WINDOWS\UninstallFirefox.exe"


((((((((((((((((((((((((((((((((((((((((( Files Created - Last 90days ))))))))))))))))))))))))))))))))))))))))))))))


2006-07-03 12:39 143,360 C:\WINDOWS\win32064509-39979.exe
2006-07-03 12:39 0 C:\WINDOWS\win32064509-399792006.exe
2006-07-03 12:39 0 C:\WINDOWS\ms04794509-3992006.exe
2006-06-28 17:36 8,464 C:\WINDOWS\system32\sporder.dll
2006-06-27 20:23 0 C:\WINDOWS\win32099-399794502006.exe
2006-06-22 17:58 49,250 C:\WINDOWS\system32\javaw.exe
2006-06-22 17:58 49,248 C:\WINDOWS\system32\java.exe
2006-06-22 17:58 127,078 C:\WINDOWS\system32\javaws.exe
2006-06-16 16:48 6,656 C:\WINDOWS\system32\pndx5016.dll
2006-06-16 16:48 5,632 C:\WINDOWS\system32\pndx5032.dll
2006-06-16 16:48 278,528 C:\WINDOWS\system32\pncrt.dll
2006-06-16 16:48 176,167 C:\WINDOWS\system32\rmoc3260.dll
2006-06-09 18:46 306,688 C:\WINDOWS\IsUninst.exe
2006-06-09 17:58 89,360 C:\WINDOWS\system32\VB5DB.DLL
2006-06-09 17:58 854,528 C:\WINDOWS\system32\Ltwvc12n.dll
2006-06-09 17:58 78,336 C:\WINDOWS\system32\LFFAX12n.DLL
2006-06-09 17:58 43,008 C:\WINDOWS\system32\lfgif12n.dll
2006-06-09 17:58 41,472 C:\WINDOWS\system32\LTTWN12n.DLL
2006-06-09 17:58 406,528 C:\WINDOWS\system32\LTKRN12n.DLL
2006-06-09 17:58 314,880 C:\WINDOWS\system32\LFCMP12n.DLL
2006-06-09 17:58 278,528 C:\WINDOWS\system32\LTDIS12n.DLL
2006-06-09 17:58 25,600 C:\WINDOWS\system32\lfavi12n.dll
2006-06-09 17:58 227,840 C:\WINDOWS\system32\LTEFX12n.DLL
2006-06-09 17:58 166,400 C:\WINDOWS\system32\LTIMG12n.DLL
2006-06-09 17:58 155,648 C:\WINDOWS\system32\LFTIF12n.DLL
2006-06-09 17:58 122,368 C:\WINDOWS\system32\LTFIL12n.DLL
2006-06-09 17:58 121,856 C:\WINDOWS\system32\lfmpg12n.dll
2006-06-09 17:56 53,248 C:\WINDOWS\system32\SONYHCY.DLL
2006-06-07 11:18 126,976 C:\WINDOWS\War3Unin.exe
2006-05-30 18:09 24,576 C:\WINDOWS\Uninstall.exe
2006-05-16 03:38 499,712 C:\WINDOWS\system32\msvcp71.dll
2006-05-16 03:38 348,160 C:\WINDOWS\system32\msvcr71.dll
2006-05-14 12:34 81,920 C:\WINDOWS\bwUnin-6.1.4.61-8876480L.exe
2006-05-14 12:22 97,792 C:\WINDOWS\system32\LGUICOM.DLL
2006-05-14 12:22 94,208 C:\WINDOWS\system32\FEELIT.DLL
2006-05-14 12:22 3,568 C:\WINDOWS\system32\LMOUSE16.DLL
2006-05-14 12:22 23,372 C:\WINDOWS\system32\LCoInst.Dll
2006-05-14 12:22 20,992 C:\WINDOWS\LOGI_MWX.EXE
2006-05-14 12:22 16,896 C:\WINDOWS\system32\LMOUSE32.DLL
2006-05-14 12:22 155,648 C:\WINDOWS\system32\ifc21.dll
2006-05-14 12:22 152,064 C:\WINDOWS\system32\lmoufrc.dll
2006-05-14 12:22 104,960 C:\WINDOWS\system32\COMNCTR.DLL
2006-05-08 22:27 86,016 C:\WINDOWS\unvise32qt.exe
2006-05-04 20:48 56 C:\WINDOWS\system32\0DC1A8A69D.sys
2006-05-04 20:48 1,682 C:\WINDOWS\system32\KGyGaAvL.sys
2006-05-03 21:25 11,776 C:\WINDOWS\system32\spnpinst.exe
2006-04-27 19:27 9,600 C:\WINDOWS\system32\hidusb.sys
2006-04-27 19:27 720,896 C:\WINDOWS\system32\XFX_page.dll
2006-04-27 19:27 65,572 C:\WINDOWS\system32\XFX_ffb.dll
2006-04-27 19:27 33,152 C:\WINDOWS\system32\hidclass.sys
2006-04-27 19:27 23,680 C:\WINDOWS\system32\hidparse.sys
2006-04-27 18:36 43,520 C:\WINDOWS\system32\CmdLineExt03.dll
2006-04-16 22:35 60,416 C:\WINDOWS\ALCFDRTM.EXE
2006-04-16 18:33 90,112 C:\WINDOWS\system32\SCCD3X02.DLL
2006-04-16 18:33 131,072 C:\WINDOWS\system32\SCCD3X01.DLL
2006-04-10 13:00 555,824 C:\WINDOWS\system32\LegitCheckControl.dll
2006-04-10 13:00 186,672 C:\WINDOWS\system32\WgaTray.exe
2006-04-10 13:00 144,688 C:\WINDOWS\system32\WgaLogon.dll
2006-04-07 18:43 107,134 C:\WINDOWS\UninstallFirefox.exe
2006-04-07 12:05 77,312 C:\WINDOWS\system32\browser.dll
2006-04-07 12:05 614,912 C:\WINDOWS\system32\h323msp.dll
2006-04-07 12:05 5,967,776 C:\WINDOWS\system32\MRT.exe
2006-04-07 12:05 39,936 C:\WINDOWS\system32\mf3216.dll
2006-04-07 12:05 332,288 C:\WINDOWS\system32\netapi32.dll
2006-04-07 12:05 331,264 C:\WINDOWS\system32\ipnathlp.dll
2006-04-07 12:04 956,416 C:\WINDOWS\system32\msdtctm.dll
2006-04-07 12:04 91,136 C:\WINDOWS\system32\mtxoci.dll
2006-04-07 12:04 66,560 C:\WINDOWS\system32\mtxclu.dll
2006-04-07 12:04 625,152 C:\WINDOWS\system32\catsrvut.dll
2006-04-07 12:04 60,416 C:\WINDOWS\system32\colbact.dll
2006-04-07 12:04 581,120 C:\WINDOWS\system32\rpcrt4.dll
2006-04-07 12:04 540,160 C:\WINDOWS\system32\comuid.dll
2006-04-07 12:04 426,496 C:\WINDOWS\system32\msdtcprx.dll
2006-04-07 12:04 397,824 C:\WINDOWS\system32\rpcss.dll
2006-04-07 12:04 243,200 C:\WINDOWS\system32\es.dll
2006-04-07 12:04 239,104 C:\WINDOWS\system32\srrstr.dll
2006-04-07 12:04 225,792 C:\WINDOWS\system32\catsrv.dll
2006-04-07 12:04 161,280 C:\WINDOWS\system32\msdtcuiu.dll
2006-04-07 12:04 110,080 C:\WINDOWS\system32\clbcatex.dll
2006-04-07 12:04 101,376 C:\WINDOWS\system32\txflog.dll
2006-04-07 12:04 1,285,120 C:\WINDOWS\system32\ole32.dll
2006-04-07 12:04 1,267,200 C:\WINDOWS\system32\comsvcs.dll
2006-04-07 12:02 26,112 C:\WINDOWS\system32\xpsp1hfm.exe
2006-04-07 11:02 90,112 C:\WINDOWS\SOUNDMAN.EXE
2006-04-07 11:02 40,960 C:\WINDOWS\system32\ChCfg.exe
2006-04-07 11:02 307,200 C:\WINDOWS\alcupd.exe
2006-04-07 11:02 212,992 C:\WINDOWS\alcrmv.exe
2006-04-07 11:02 156,672 C:\WINDOWS\system32\RTLCPAPI.dll
2006-04-07 11:02 10,458,112 C:\WINDOWS\system32\RTLCPL.EXE
2006-04-07 10:59 9,728 C:\WINDOWS\system32\bdco1ins.dll
2006-04-07 10:59 9,728 C:\WINDOWS\system32\bdco1.dll
2006-04-07 10:59 466,944 C:\WINDOWS\system32\CapabilityTable.exe
2006-04-07 10:59 33,280 C:\WINDOWS\system32\nvconrmins.dll
2006-04-07 10:59 33,280 C:\WINDOWS\system32\nvconrm.dll
2006-04-07 10:59 33,280 C:\WINDOWS\system32\NVCOI.DLL
2006-04-07 10:59 289,792 C:\WINDOWS\system32\idecoins.dll
2006-04-07 10:59 289,792 C:\WINDOWS\system32\idecoi.dll
2006-04-07 10:59 202,240 C:\WINDOWS\system32\fdco1ins.dll
2006-04-07 10:59 202,240 C:\WINDOWS\system32\fdco1.dll
2006-04-07 10:59 176,128 C:\WINDOWS\system32\nvusmb.exe
2006-04-07 10:59 176,128 C:\WINDOWS\system32\nvunrm.exe
2006-04-07 10:59 176,128 C:\WINDOWS\system32\NVUNINST.EXE
2006-04-07 10:59 176,128 C:\WINDOWS\system32\nvuide.exe
2006-04-07 10:49 50 C:\AUTOEXEC.BAT
2006-04-07 10:49 112,128 C:\WINDOWS\system32\mapi32.dll
2006-04-07 10:49 0 C:\MSDOS.SYS
2006-04-07 10:49 0 C:\IO.SYS
2006-04-07 10:49 0 C:\CONFIG.SYS
2006-04-07 10:47 64,512 C:\WINDOWS\system32\acctres.dll
2006-04-07 10:47 16,384 C:\WINDOWS\system32\icfgnt5.dll
2006-04-07 10:47 12,288 C:\WINDOWS\system32\nmevtmsg.dll
2006-04-07 10:47 11,264 C:\WINDOWS\system32\atrace.dll
2006-04-07 10:46 97,792 C:\WINDOWS\system32\comrepl.dll
2006-04-07 10:46 9,728 C:\WINDOWS\system32\reset.exe
2006-04-07 10:46 80,384 C:\WINDOWS\system32\charmap.exe
2006-04-07 10:46 73,216 C:\WINDOWS\system32\avwav.dll
2006-04-07 10:46 605,696 C:\WINDOWS\system32\getuname.dll
2006-04-07 10:46 56,832 C:\WINDOWS\system32\sol.exe
2006-04-07 10:46 55,296 C:\WINDOWS\system32\freecell.exe
2006-04-07 10:46 54,272 C:\WINDOWS\system32\stclient.dll
2006-04-07 10:46 5,632 C:\WINDOWS\system32\write.exe
2006-04-07 10:46 5,120 C:\WINDOWS\system32\dcomcnfg.exe
2006-04-07 10:46 44,544 C:\WINDOWS\system32\hticons.dll
2006-04-07 10:46 4,096 C:\WINDOWS\system32\rdpcfgex.dll
2006-04-07 10:46 4,096 C:\WINDOWS\system32\mtxex.dll
2006-04-07 10:46 35,328 C:\WINDOWS\system32\winchat.exe
2006-04-07 10:46 33,792 C:\WINDOWS\system32\regini.exe
2006-04-07 10:46 25,600 C:\WINDOWS\system32\comaddin.dll
2006-04-07 10:46 25,088 C:\WINDOWS\system32\mtxlegih.dll
2006-04-07 10:46 227,840 C:\WINDOWS\system32\avtapi.dll
2006-04-07 10:46 22,016 C:\WINDOWS\system32\qwinsta.exe
2006-04-07 10:46 20,992 C:\WINDOWS\system32\msg.exe
2006-04-07 10:46 20,480 C:\WINDOWS\system32\mtxdm.dll
2006-04-07 10:46 16,896 C:\WINDOWS\system32\tsshutdn.exe
2006-04-07 10:46 16,896 C:\WINDOWS\system32\qappsrv.exe
2006-04-07 10:46 16,384 C:\WINDOWS\system32\tskill.exe
2006-04-07 10:46 16,384 C:\WINDOWS\system32\avmeter.dll
2006-04-07 10:46 15,872 C:\WINDOWS\system32\rwinsta.exe
2006-04-07 10:46 15,872 C:\WINDOWS\system32\cdmodem.dll
2006-04-07 10:46 15,360 C:\WINDOWS\system32\logoff.exe
2006-04-07 10:46 147,456 C:\WINDOWS\system32\comsnap.dll
2006-04-07 10:46 14,848 C:\WINDOWS\system32\tsdiscon.exe
2006-04-07 10:46 14,848 C:\WINDOWS\system32\tscon.exe
2006-04-07 10:46 14,848 C:\WINDOWS\system32\shadow.exe
2006-04-07 10:46 138,752 C:\WINDOWS\system32\sndvol32.exe
2006-04-07 10:46 126,976 C:\WINDOWS\system32\mshearts.exe
2006-04-07 10:46 124,184 C:\WINDOWS\system32\wuauclt.exe
2006-04-07 10:46 119,808 C:\WINDOWS\system32\winmine.exe
2006-04-07 10:46 114,688 C:\WINDOWS\system32\calc.exe
2006-04-07 10:46 1,343,768 C:\WINDOWS\system32\wuaueng.dll
2006-04-07 10:46 1,161 C:\WINDOWS\system32\usrlogon.cmd
2006-04-07 10:40 994,304 C:\WINDOWS\system32\msgina.dll
2006-04-07 10:40 99,840 C:\WINDOWS\system32\advpack.dll
2006-04-07 10:40 99,328 C:\WINDOWS\system32\winscard.dll
2006-04-07 10:40 984,576 C:\WINDOWS\system32\syssetup.dll
2006-04-07 10:40 983,552 C:\WINDOWS\system32\setupapi.dll
2006-04-07 10:40 983,552 C:\WINDOWS\system32\kernel32.dll
2006-04-07 10:40 98,304 C:\WINDOWS\system32\slbiop.dll
2006-04-07 10:40 98,304 C:\WINDOWS\system32\ahui.exe
2006-04-07 10:40 97,280 C:\WINDOWS\system32\loadperf.dll
2006-04-07 10:40 96,768 C:\WINDOWS\system32\srvsvc.dll
2006-04-07 10:40 96,768 C:\WINDOWS\system32\psbase.dll
2006-04-07 10:40 96,768 C:\WINDOWS\system32\dpcdll.dll
2006-04-07 10:40 96,256 C:\WINDOWS\system32\occache.dll
2006-04-07 10:40 95,744 C:\WINDOWS\system32\scardsvr.exe
2006-04-07 10:40 95,744 C:\WINDOWS\system32\mqsec.dll
2006-04-07 10:40 94,720 C:\WINDOWS\system32\iphlpapi.dll
2006-04-07 10:40 94,208 C:\WINDOWS\system32\odbcint.dll
2006-04-07 10:40 93,696 C:\WINDOWS\system32\tscfgwmi.dll
2006-04-07 10:40 92,672 C:\WINDOWS\system32\wlnotify.dll
2006-04-07 10:40 92,672 C:\WINDOWS\system32\dskquota.dll
2006-04-07 10:40 92,224 C:\WINDOWS\system32\krnl386.exe
2006-04-07 10:40 92,168 C:\WINDOWS\system32\rdpdd.dll
2006-04-07 10:40 91,648 C:\WINDOWS\system32\xactsrv.dll
2006-04-07 10:40 91,136 C:\WINDOWS\system32\ntprint.dll
2006-04-07 10:40 90,624 C:\WINDOWS\system32\trkwks.dll
2006-04-07 10:40 90,624 C:\WINDOWS\system32\mydocs.dll
2006-04-07 10:40 9,728 C:\WINDOWS\system32\gpkrsrc.dll
2006-04-07 10:40 9,344 C:\WINDOWS\system32\framebuf.dll
2006-04-07 10:40 9,216 C:\WINDOWS\system32\scrnsave.scr
2006-04-07 10:40 9,216 C:\WINDOWS\system32\proxycfg.exe
2006-04-07 10:40 89,600 C:\WINDOWS\system32\smlogsvc.exe
2006-04-07 10:40 89,088 C:\WINDOWS\system32\rasauto.dll
2006-04-07 10:40 89,088 C:\WINDOWS\system32\mqlogmgr.dll
2006-04-07 10:40 884,736 C:\WINDOWS\system32\msimsg.dll
2006-04-07 10:40 875,008 C:\WINDOWS\system32\netplwiz.dll
2006-04-07 10:40 87,552 C:\WINDOWS\system32\fldrclnr.dll
2006-04-07 10:40 87,176 C:\WINDOWS\system32\rdpwsx.dll
2006-04-07 10:40 87,040 C:\WINDOWS\system32\mprapi.dll
2006-04-07 10:40 86,016 C:\WINDOWS\system32\netsh.exe
2006-04-07 10:40 86,016 C:\WINDOWS\system32\msapsspc.dll
2006-04-07 10:40 858,624 C:\WINDOWS\system32\tapi3.dll
2006-04-07 10:40 85,504 C:\WINDOWS\system32\makecab.exe
2006-04-07 10:40 85,504 C:\WINDOWS\system32\diantz.exe
2006-04-07 10:40 85,504 C:\WINDOWS\system32\catsrvps.dll
2006-04-07 10:40 84,992 C:\WINDOWS\system32\avifil32.dll
2006-04-07 10:40 84,480 C:\WINDOWS\system32\mciavi32.dll
2006-04-07 10:40 84,480 C:\WINDOWS\system32\cabview.dll
2006-04-07 10:40 831,519 C:\WINDOWS\system32\mswdat10.dll
2006-04-07 10:40 83,456 C:\WINDOWS\system32\olepro32.dll
2006-04-07 10:40 83,456 C:\WINDOWS\system32\dpvsetup.exe
2006-04-07 10:40 825,344 C:\WINDOWS\system32\d3dim700.dll
2006-04-07 10:40 82,944 C:\WINDOWS\system32\ws2_32.dll
2006-04-07 10:40 82,432 C:\WINDOWS\system32\dmscript.dll
2006-04-07 10:40 82,432 C:\WINDOWS\system32\dfrgfat.exe
2006-04-07 10:40 815,104 C:\WINDOWS\system32\mmc.exe
2006-04-07 10:40 81,920 C:\WINDOWS\system32\isign32.dll
2006-04-07 10:40 81,920 C:\WINDOWS\system32\ils.dll
2006-04-07 10:40 80,896 C:\WINDOWS\system32\netui0.dll
2006-04-07 10:40 80,384 C:\WINDOWS\system32\iccvid.dll
2006-04-07 10:40 80,384 C:\WINDOWS\system32\faultrep.dll
2006-04-07 10:40 8,704 C:\WINDOWS\system32\dciman32.dll
2006-04-07 10:40 8,704 C:\WINDOWS\system32\batt.dll
2006-04-07 10:40 8,452,096 C:\WINDOWS\system32\shell32.dll
2006-04-07 10:40 8,192 C:\WINDOWS\system32\rasadhlp.dll
2006-04-07 10:40 8,192 C:\WINDOWS\system32\ntlsapi.dll
2006-04-07 10:40 8,192 C:\WINDOWS\system32\igmpagnt.dll
2006-04-07 10:40 8,192 C:\WINDOWS\system32\d3d8thk.dll
2006-04-07 10:40 8,192 C:\WINDOWS\system32\bitsprx2.dll
2006-04-07 10:40 792,064 C:\WINDOWS\system32\comres.dll
2006-04-07 10:40 78,848 C:\WINDOWS\system32\msiexec.exe
2006-04-07 10:40 78,336 C:\WINDOWS\system32\tlntsess.exe
2006-04-07 10:40 78,336 C:\WINDOWS\system32\browsewm.dll
2006-04-07 10:40 77,824 C:\WINDOWS\system32\shrpubw.exe
2006-04-07 10:40 77,824 C:\WINDOWS\system32\cliconfg.dll
2006-04-07 10:40 77,312 C:\WINDOWS\system32\sdbinst.exe
2006-04-07 10:40 77,312 C:\WINDOWS\system32\rtcshare.exe
2006-04-07 10:40 764,928 C:\WINDOWS\system32\winntbbu.dll
2006-04-07 10:40 76,800 C:\WINDOWS\system32\nslookup.exe
2006-04-07 10:40 755,200 C:\WINDOWS\system32\ir50_32.dll
2006-04-07 10:40 75,776 C:\WINDOWS\system32\wiascr.dll
2006-04-07 10:40 75,776 C:\WINDOWS\system32\telnet.exe
2006-04-07 10:40 75,264 C:\WINDOWS\system32\inetpp.dll
2006-04-07 10:40 74,752 C:\WINDOWS\system32\storprop.dll
2006-04-07 10:40 74,752 C:\WINDOWS\system32\spoolss.dll
2006-04-07 10:40 74,752 C:\WINDOWS\system32\cryptdlg.dll
2006-04-07 10:40 74,240 C:\WINDOWS\system32\usbui.dll
2006-04-07 10:40 74,240 C:\WINDOWS\system32\unimdmat.dll
2006-04-07 10:40 74,240 C:\WINDOWS\system32\mscms.dll
2006-04-07 10:40 733,696 C:\WINDOWS\system32\qedwipes.dll
2006-04-07 10:40 73,728 C:\WINDOWS\system32\icwdial.dll
2006-04-07 10:40 73,728 C:\WINDOWS\system32\fdeploy.dll
2006-04-07 10:40 73,216 C:\WINDOWS\system32\tlntsvr.exe
2006-04-07 10:40 723,456 C:\WINDOWS\system32\userenv.dll
2006-04-07 10:40 721,920 C:\WINDOWS\system32\lsasrv.dll
2006-04-07 10:40 72,704 C:\WINDOWS\system32\msw3prt.dll
2006-04-07 10:40 72,704 C:\WINDOWS\system32\magnify.exe
2006-04-07 10:40 713,728 C:\WINDOWS\system32\opengl32.dll
2006-04-07 10:40 713,216 C:\WINDOWS\system32\sxs.dll
2006-04-07 10:40 71,680 C:\WINDOWS\system32\ssdpsrv.dll
2006-04-07 10:40 71,680 C:\WINDOWS\system32\msacm32.dll
2006-04-07 10:40 71,680 C:\WINDOWS\system32\dsdmoprp.dll
2006-04-07 10:40 708,096 C:\WINDOWS\system32\ntdll.dll
2006-04-07 10:40 704,512 C:\WINDOWS\system32\ss3dfo.scr
2006-04-07 10:40 701,440 C:\WINDOWS\system32\msxml2.dll
2006-04-07 10:40 70,656 C:\WINDOWS\system32\mmcbase.dll
2006-04-07 10:40 70,656 C:\WINDOWS\system32\amstream.dll
2006-04-07 10:40 70,144 C:\WINDOWS\system32\sigverif.exe
2006-04-07 10:40 7,424 C:\WINDOWS\system32\kd1394.dll
2006-04-07 10:40 7,168 C:\WINDOWS\system32\tlntsvrp.dll
2006-04-07 10:40 7,168 C:\WINDOWS\system32\bitsprx3.dll
2006-04-07 10:40 69,632 C:\WINDOWS\system32\scarddlg.dll
2006-04-07 10:40 69,632 C:\WINDOWS\system32\raschap.dll
2006-04-07 10:40 69,632 C:\WINDOWS\system32\odbcconf.exe
2006-04-07 10:40 69,632 C:\WINDOWS\system32\msconf.dll
2006-04-07 10:40 69,120 C:\WINDOWS\system32\notepad.exe
2006-04-07 10:40 69,120 C:\WINDOWS\system32\msctfp.dll
2006-04-07 10:40 69,120 C:\WINDOWS\system32\ciodm.dll
2006-04-07 10:40 69,120 C:\WINDOWS\notepad.exe
2006-04-07 10:40 68,768 C:\WINDOWS\system32\mmsystem.dll
2006-04-07 10:40 68,608 C:\WINDOWS\system32\digest.dll
2006-04-07 10:40 68,096 C:\WINDOWS\system32\webclnt.dll
2006-04-07 10:40 68,096 C:\WINDOWS\system32\shgina.dll
2006-04-07 10:40 68,096 C:\WINDOWS\system32\adsmsext.dll
2006-04-07 10:40 679,936 C:\WINDOWS\system32\sstext3d.scr
2006-04-07 10:40 679,424 C:\WINDOWS\system32\inetcomm.dll
2006-04-07 10:40 67,584 C:\WINDOWS\system32\sti.dll
2006-04-07 10:40 67,584 C:\WINDOWS\system32\srclient.dll
2006-04-07 10:40 67,584 C:\WINDOWS\system32\osuninst.dll
2006-04-07 10:40 67,584 C:\WINDOWS\system32\openfiles.exe
2006-04-07 10:40 67,072 C:\WINDOWS\system32\rdshost.exe
2006-04-07 10:40 67,072 C:\WINDOWS\system32\ntdsapi.dll
2006-04-07 10:40 660,992 C:\WINDOWS\system32\mqqm.dll
2006-04-07 10:40 657,920 C:\WINDOWS\system32\rasdlg.dll
2006-04-07 10:40 655,360 C:\WINDOWS\system32\mstscax.dll
2006-04-07 10:40 65,536 C:\WINDOWS\system32\wextract.exe
2006-04-07 10:40 65,536 C:\WINDOWS\system32\shimeng.dll
2006-04-07 10:40 65,536 C:\WINDOWS\system32\odbccu32.dll
2006-04-07 10:40 65,536 C:\WINDOWS\system32\odbccr32.dll
2006-04-07 10:40 65,536 C:\WINDOWS\system32\icwphbk.dll
2006-04-07 10:40 65,024 C:\WINDOWS\system32\nwwks.dll
2006-04-07 10:40 65,024 C:\WINDOWS\system32\asycfilt.dll
2006-04-07 10:40 640,000 C:\WINDOWS\system32\dbghelp.dll
2006-04-07 10:40 64,000 C:\WINDOWS\system32\samlib.dll
2006-04-07 10:40 64,000 C:\WINDOWS\system32\cleanmgr.exe
2006-04-07 10:40 63,488 C:\WINDOWS\system32\cryptnet.dll
2006-04-07 10:40 63,488 C:\WINDOWS\system32\cmstp.exe
2006-04-07 10:40 63,488 C:\WINDOWS\system32\browselc.dll
2006-04-07 10:40 622,080 C:\WINDOWS\system32\netcfgx.dll
2006-04-07 10:40 62,976 C:\WINDOWS\system32\pautoenr.dll
2006-04-07 10:40 62,976 C:\WINDOWS\system32\iesetup.dll
2006-04-07 10:40 62,464 C:\WINDOWS\system32\rdpclip.exe
2006-04-07 10:40 619,008 C:\WINDOWS\system32\dx7vb.dll
2006-04-07 10:40 616,960 C:\WINDOWS\system32\advapi32.dll
2006-04-07 10:40 614,429 C:\WINDOWS\system32\mswstr10.dll
2006-04-07 10:40 611,328 C:\WINDOWS\system32\comctl32.dll
2006-04-07 10:40 610,304 C:\WINDOWS\system32\sspipes.scr
2006-04-07 10:40 61,440 C:\WINDOWS\system32\tlntadmn.exe
2006-04-07 10:40 61,440 C:\WINDOWS\system32\rasman.dll
2006-04-07 10:40 61,440 C:\WINDOWS\system32\msvcrt40.dll
2006-04-07 10:40 61,440 C:\WINDOWS\system32\dmcompos.dll
2006-04-07 10:40 61,440 C:\WINDOWS\system32\admparse.dll
2006-04-07 10:40 602,624 C:\WINDOWS\system32\autoconv.exe
2006-04-07 10:40 60,928 C:\WINDOWS\system32\miglibnt.dll
2006-04-07 10:40 60,928 C:\WINDOWS\system32\dpnhupnp.dll
2006-04-07 10:40 60,416 C:\WINDOWS\system32\remotepg.dll
2006-04-07 10:40 60,416 C:\WINDOWS\system32\cryptsvc.dll
2006-04-07 10:40 6,656 C:\WINDOWS\system32\wuauserv.dll
2006-04-07 10:40 6,656 C:\WINDOWS\system32\sensapi.dll
2006-04-07 10:40 6,656 C:\WINDOWS\system32\msidle.dll
2006-04-07 10:40 6,144 C:\WINDOWS\system32\msdtc.exe
2006-04-07 10:40 6,144 C:\WINDOWS\system32\csrss.exe
2006-04-07 10:40 596,992 C:\WINDOWS\system32\wsecedit.dll
2006-04-07 10:40 59,904 C:\WINDOWS\system32\regsvc.dll
2006-04-07 10:40 59,904 C:\WINDOWS\system32\mpr.dll
2006-04-07 10:40 59,904 C:\WINDOWS\system32\ipv6mon.dll
2006-04-07 10:40 59,904 C:\WINDOWS\system32\devenum.dll
2006-04-07 10:40 59,904 C:\WINDOWS\system32\cabinet.dll
2006-04-07 10:40 59,392 C:\WINDOWS\system32\logman.exe
2006-04-07 10:40 589,312 C:\WINDOWS\system32\wiashext.dll
2006-04-07 10:40 588,800 C:\WINDOWS\system32\autochk.exe
2006-04-07 10:40 586,240 C:\WINDOWS\system32\mlang.dll
2006-04-07 10:40 580,608 C:\WINDOWS\system32\autofmt.exe
2006-04-07 10:40 58,880 C:\WINDOWS\system32\resutils.dll
2006-04-07 10:40 58,880 C:\WINDOWS\system32\rastapi.dll
2006-04-07 10:40 58,880 C:\WINDOWS\system32\msdtclog.dll
2006-04-07 10:40 58,880 C:\WINDOWS\system32\licwmi.dll
2006-04-07 10:40 58,880 C:\WINDOWS\system32\atl.dll
2006-04-07 10:40 58,368 C:\WINDOWS\system32\packager.exe
2006-04-07 10:40 577,024 C:\WINDOWS\system32\user32.dll
2006-04-07 10:40 57,856 C:\WINDOWS\system32\synceng.dll
2006-04-07 10:40 57,856 C:\WINDOWS\system32\spoolsv.exe
2006-04-07 10:40 57,856 C:\WINDOWS\system32\clusapi.dll
2006-04-07 10:40 57,344 C:\WINDOWS\system32\msasn1.dll
2006-04-07 10:40 57,344 C:\WINDOWS\system32\dpwsockx.dll
2006-04-07 10:40 566,784 C:\WINDOWS\system32\gpedit.dll
2006-04-07 10:40 562,176 C:\WINDOWS\system32\qedit.dll
2006-04-07 10:40 560,640 C:\WINDOWS\system32\printui.dll
2006-04-07 10:40 56,832 C:\WINDOWS\system32\rasphone.exe
2006-04-07 10:40 56,832 C:\WINDOWS\system32\mshtmler.dll
2006-04-07 10:40 56,832 C:\WINDOWS\system32\authz.dll
2006-04-07 10:40 56,320 C:\WINDOWS\system32\servdeps.dll
2006-04-07 10:40 56,320 C:\WINDOWS\system32\cipher.exe
2006-04-07 10:40 553,472 C:\WINDOWS\system32\oleaut32.dll
2006-04-07 10:40 552,989 C:\WINDOWS\system32\msrepl40.dll
2006-04-07 10:40 55,808 C:\WINDOWS\system32\secur32.dll
2006-04-07 10:40 55,808 C:\WINDOWS\system32\ipconfig.exe
2006-04-07 10:40 55,808 C:\WINDOWS\system32\eventlog.dll
2006-04-07 10:40 55,296 C:\WINDOWS\system32\sendmail.dll
2006-04-07 10:40 54,784 C:\WINDOWS\system32\npptools.dll
2006-04-07 10:40 54,784 C:\WINDOWS\system32\msvcirt.dll
2006-04-07 10:40 54,272 C:\WINDOWS\system32\ixsso.dll
2006-04-07 10:40 54,272 C:\WINDOWS\system32\dataclen.dll
2006-04-07 10:40 538,624 C:\WINDOWS\system32\spider.exe
2006-04-07 10:40 532,480 C:\WINDOWS\system32\mstime.dll
2006-04-07 10:40 53,840 C:\WINDOWS\system32\dosx.exe
2006-04-07 10:40 53,760 C:\WINDOWS\system32\winsta.dll
2006-04-07 10:40 53,760 C:\WINDOWS\system32\narrator.exe
2006-04-07 10:40 53,760 C:\WINDOWS\system32\cryptext.dll
2006-04-07 10:40 53,279 C:\WINDOWS\system32\odbcji32.dll
2006-04-07 10:40 53,279 C:\WINDOWS\system32\msjter40.dll
2006-04-07 10:40 53,248 C:\WINDOWS\system32\ipv6.exe
2006-04-07 10:40 52,736 C:\WINDOWS\system32\basesrv.dll
2006-04-07 10:40 52,224 C:\WINDOWS\system32\dmutil.dll
2006-04-07 10:40 517,632 C:\WINDOWS\system32\mqsnap.dll
2006-04-07 10:40 514,560 C:\WINDOWS\system32\logonui.exe
2006-04-07 10:40 512,512 C:\WINDOWS\system32\cryptui.dll
2006-04-07 10:40 512,029 C:\WINDOWS\system32\msexch40.dll
2006-04-07 10:40 51,712 C:\WINDOWS\system32\wzcsapi.dll
2006-04-07 10:40 51,712 C:\WINDOWS\system32\vdmredir.dll
2006-04-07 10:40 51,712 C:\WINDOWS\system32\msident.dll
2006-04-07 10:40 51,200 C:\WINDOWS\system32\dssec.dll
2006-04-07 10:40 506,368 C:\WINDOWS\system32\msxml.dll
2006-04-07 10:40 502,272 C:\WINDOWS\system32\winlogon.exe
2006-04-07 10:40 50,688 C:\WINDOWS\twain_32.dll
2006-04-07 10:40 50,688 C:\WINDOWS\system32\wstdecod.dll
2006-04-07 10:40 50,688 C:\WINDOWS\system32\smss.exe
2006-04-07 10:40 50,688 C:\WINDOWS\system32\mmcshext.dll
2006-04-07 10:40 50,688 C:\WINDOWS\system32\camocx.dll
2006-04-07 10:40 50,176 C:\WINDOWS\system32\utilman.exe
2006-04-07 10:40 50,176 C:\WINDOWS\system32\reg.exe
2006-04-07 10:40 50,176 C:\WINDOWS\system32\proquota.exe
2006-04-07 10:40 50,176 C:\WINDOWS\system32\eventcreate.exe
2006-04-07 10:40 5,632 C:\WINDOWS\system32\wmi.dll
2006-04-07 10:40 5,632 C:\WINDOWS\system32\winver.exe
2006-04-07 10:40 5,632 C:\WINDOWS\system32\security.dll
2006-04-07 10:40 5,632 C:\WINDOWS\system32\cisvc.exe
2006-04-07 10:40 5,120 C:\WINDOWS\system32\sfc.dll
2006-04-07 10:40 5,120 C:\WINDOWS\system32\dllhost.exe
2006-04-07 10:40 498,205 C:\WINDOWS\system32\dxmasf.dll
2006-04-07 10:40 49,664 C:\WINDOWS\system32\regapi.dll
2006-04-07 10:40 49,152 C:\WINDOWS\system32\wdigest.dll
2006-04-07 10:40 488,448 C:\WINDOWS\system32\ntmsmgr.dll
2006-04-07 10:40 48,640 C:\WINDOWS\system32\mqupgrd.dll
2006-04-07 10:40 48,640 C:\WINDOWS\system32\iernonce.dll
2006-04-07 10:40 48,128 C:\WINDOWS\system32\msprivs.dll
2006-04-07 10:40 48,128 C:\WINDOWS\system32\inetres.dll
2006-04-07 10:40 48,128 C:\WINDOWS\system32\docprop2.dll
2006-04-07 10:40 471,552 C:\WINDOWS\system32\mqutil.dll
2006-04-07 10:40 47,616 C:\WINDOWS\system32\iyuv_32.dll
2006-04-07 10:40 47,564 C:\ntdetect.com
2006-04-07 10:40 47,104 C:\WINDOWS\system32\ssmypics.scr
2006-04-07 10:40 47,104 C:\WINDOWS\system32\mqdscli.dll
2006-04-07 10:40 47,104 C:\WINDOWS\system32\cnbjmon.dll
2006-04-07 10:40 47,104 C:\WINDOWS\system32\cmdl32.exe
2006-04-07 10:40 463,360 C:\WINDOWS\system32\wiadefui.dll
2006-04-07 10:40 457,728 C:\WINDOWS\system32\certmgr.dll
2006-04-07 10:40 45,568 C:\WINDOWS\system32\tcpmonui.dll
2006-04-07 10:40 45,568 C:\WINDOWS\system32\tcpmon.dll
2006-04-07 10:40 45,568 C:\WINDOWS\system32\safrslv.dll
2006-04-07 10:40 45,568 C:\WINDOWS\system32\extrac32.exe
2006-04-07 10:40 45,568 C:\WINDOWS\system32\dnsrslvr.dll
2006-04-07 10:40 448,512 C:\WINDOWS\system32\mshtmled.dll
2006-04-07 10:40 442,368 C:\WINDOWS\system32\sqlsrv32.dll
2006-04-07 10:40 44,544 C:\WINDOWS\system32\tscupgrd.exe
2006-04-07 10:40 44,544 C:\WINDOWS\system32\alg.exe
2006-04-07 10:40 44,032 C:\WINDOWS\system32\rtutils.dll
2006-04-07 10:40 438,784 C:\WINDOWS\system32\xpob2res.dll
2006-04-07 10:40 438,272 C:\WINDOWS\system32\shimgvw.dll
2006-04-07 10:40 435,200 C:\WINDOWS\system32\ntmssvc.dll
2006-04-07 10:40 433,664 C:\WINDOWS\system32\wiaacmgr.exe
2006-04-07 10:40 431,616 C:\WINDOWS\system32\riched20.dll
2006-04-07 10:40 430,592 C:\WINDOWS\system32\vssapi.dll
2006-04-07 10:40 43,520 C:\WINDOWS\system32\safrcdlg.dll
2006-04-07 10:40 43,520 C:\WINDOWS\system32\racpldlg.dll
2006-04-07 10:40 43,520 C:\WINDOWS\system32\pstorec.dll
2006-04-07 10:40 43,520 C:\WINDOWS\system32\ntlanman.dll
2006-04-07 10:40 423,936 C:\WINDOWS\system32\licdll.dll
2006-04-07 10:40 421,919 C:\WINDOWS\system32\msrd2x40.dll
2006-04-07 10:40 42,537 C:\WINDOWS\system32\keyboard.sys
2006-04-07 10:40 42,496 C:\WINDOWS\system32\wsnmp32.dll
2006-04-07 10:40 42,496 C:\WINDOWS\system32\shmgrate.exe
2006-04-07 10:40 42,496 C:\WINDOWS\system32\net.exe
2006-04-07 10:40 42,496 C:\WINDOWS\system32\ftp.exe
2006-04-07 10:40 42,496 C:\WINDOWS\system32\audiosrv.dll
2006-04-07 10:40 419,840 C:\WINDOWS\system32\ntvdm.exe
2006-04-07 10:40 415,744 C:\WINDOWS\system32\samsrv.dll
2006-04-07 10:40 413,696 C:\WINDOWS\system32\msvcp60.dll
2006-04-07 10:40 41,984 C:\WINDOWS\system32\htui.dll
2006-04-07 10:40 407,552 C:\WINDOWS\system32\mstsc.exe
2006-04-07 10:40 407,040 C:\WINDOWS\system32\netlogon.dll
2006-04-07 10:40 406,528 C:\WINDOWS\system32\usp10.dll
2006-04-07 10:40 40,960 C:\WINDOWS\system32\ntmsapi.dll
2006-04-07 10:40 4,608 C:\WINDOWS\system32\msimg32.dll
2006-04-07 10:40 4,608 C:\WINDOWS\system32\mqsvc.exe
2006-04-07 10:40 4,126 C:\WINDOWS\system32\msdxmlc.dll
2006-04-07 10:40 4,096 C:\WINDOWS\system32\nddeapir.exe
2006-04-07 10:40 4,096 C:\WINDOWS\system32\ksuser.dll
2006-04-07 10:40 4,096 C:\WINDOWS\system32\actmovie.exe
2006-04-07 10:40 399,872 C:\WINDOWS\system32\lmrt.dll
2006-04-07 10:40 397,824 C:\WINDOWS\system32\regwizc.dll
2006-04-07 10:40 393,216 C:\WINDOWS\system32\ssflwbox.scr
2006-04-07 10:40 39,936 C:\WINDOWS\system32\rshx32.dll
2006-04-07 10:40 39,936 C:\WINDOWS\system32\perfctrs.dll
2006-04-07 10:40 39,936 C:\WINDOWS\system32\cmutil.dll
2006-04-07 10:40 39,936 C:\WINDOWS\system32\cmmon32.exe
2006-04-07 10:40 39,424 C:\WINDOWS\system32\grpconv.exe
2006-04-07 10:40 388,608 C:\WINDOWS\system32\cmd.exe
2006-04-07 10:40 385,536 C:\WINDOWS\system32\themeui.dll
2006-04-07 10:40 385,024 C:\WINDOWS\system32\qdvd.dll
2006-04-07 10:40 384,000 C:\WINDOWS\system32\ipsmsnap.dll
2006-04-07 10:40 382,976 C:\WINDOWS\system32\fontext.dll
2006-04-07 10:40 382,464 C:\WINDOWS\system32\qmgr.dll
2006-04-07 10:40 380,957 C:\WINDOWS\system32\expsrv.dll
2006-04-07 10:40 38,912 C:\WINDOWS\system32\sens.dll
2006-04-07 10:40 38,912 C:\WINDOWS\system32\dfrgsnap.dll
2006-04-07 10:40 38,912 C:\WINDOWS\system32\cfgbkend.dll
2006-04-07 10:40 378,368 C:\WINDOWS\system32\wzcdlg.dll
2006-04-07 10:40 375,296 C:\WINDOWS\system32\dpnet.dll
2006-04-07 10:40 367,616 C:\WINDOWS\system32\dsound.dll
2006-04-07 10:40 363,008 C:\WINDOWS\system32\smlogcfg.dll
2006-04-07 10:40 36,921 C:\WINDOWS\system32\imeshare.dll
2006-04-07 10:40 36,864 C:\WINDOWS\system32\netstat.exe
2006-04-07 10:40 36,864 C:\WINDOWS\system32\mscpxl32.dll
2006-04-07 10:40 36,352 C:\WINDOWS\system32\ncobjapi.dll
2006-04-07 10:40 359,936 C:\WINDOWS\system32\wzcsvc.dll
2006-04-07 10:40 358,976 C:\WINDOWS\system32\msjetoledb40.dll
2006-04-07 10:40 358,400 C:\WINDOWS\system32\termmgr.dll
2006-04-07 10:40 357,888 C:\WINDOWS\system32\dxtmsft.dll
2006-04-07 10:40 351,232 C:\WINDOWS\system32\winhttp.dll
2006-04-07 10:40 35,840 C:\WINDOWS\system32\umandlg.dll
2006-04-07 10:40 35,840 C:\WINDOWS\system32\rcimlby.exe
2006-04-07 10:40 35,840 C:\WINDOWS\system32\imgutil.dll
2006-04-07 10:40 35,840 C:\WINDOWS\system32\dmloader.dll
2006-04-07 10:40 35,648 C:\WINDOWS\system32\ntio411.sys
2006-04-07 10:40 35,424 C:\WINDOWS\system32\ntio412.sys
2006-04-07 10:40 35,328 C:\WINDOWS\system32\pid.dll
2006-04-07 10:40 35,328 C:\WINDOWS\system32\mciqtz32.dll
2006-04-07 10:40 35,328 C:\WINDOWS\system32\dpnhpast.dll
2006-04-07 10:40 35,328 C:\WINDOWS\system32\corpol.dll
2006-04-07 10:40 349,696 C:\WINDOWS\system32\ipsecsnp.dll
2006-04-07 10:40 348,189 C:\WINDOWS\system32\msxbde40.dll
2006-04-07 10:40 348,189 C:\WINDOWS\system32\mspbde40.dll
2006-04-07 10:40 347,136 C:\WINDOWS\system32\tourstart.exe
2006-04-07 10:40 347,136 C:\WINDOWS\system32\hypertrm.dll
2006-04-07 10:40 344,064 C:\WINDOWS\system32\hnetcfg.dll
2006-04-07 10:40 343,040 C:\WINDOWS\system32\msvcrt.dll
2006-04-07 10:40 343,040 C:\WINDOWS\system32\mspaint.exe
2006-04-07 10:40 343,040 C:\WINDOWS\system32\cmdial32.dll
2006-04-07 10:40 341,504 C:\WINDOWS\system32\localspl.dll
2006-04-07 10:40 34,816 C:\WINDOWS\system32\ssdpapi.dll
2006-04-07 10:40 34,816 C:\WINDOWS\system32\perfproc.dll
2006-04-07 10:40 34,560 C:\WINDOWS\system32\ntio804.sys
2006-04-07 10:40 34,560 C:\WINDOWS\system32\ntio404.sys
2006-04-07 10:40 34,560 C:\WINDOWS\system32\mnmdd.dll
2006-04-07 10:40 34,304 C:\WINDOWS\system32\pstorsvc.dll
2006-04-07 10:40 34,304 C:\WINDOWS\system32\ie4uinit.exe
2006-04-07 10:40 338,432 C:\WINDOWS\system32\ir41_qcx.dll
2006-04-07 10:40 337,920 C:\WINDOWS\system32\filemgmt.dll
2006-04-07 10:40 333,312 C:\WINDOWS\system32\wiaservc.dll
2006-04-07 10:40 330,752 C:\WINDOWS\system32\ippromon.dll
2006-04-07 10:40 330,752 C:\WINDOWS\system32\hnetwiz.dll
2006-04-07 10:40 33,840 C:\WINDOWS\system32\ntio.sys
2006-04-07 10:40 33,792 C:\WINDOWS\system32\msgsvc.dll
2006-04-07 10:40 33,280 C:\WINDOWS\system32\rundll32.exe
2006-04-07 10:40 33,280 C:\WINDOWS\system32\inetmib1.dll
2006-04-07 10:40 33,280 C:\WINDOWS\system32\cryptdll.dll
2006-04-07 10:40 33,280 C:\WINDOWS\system32\clipsrv.exe
2006-04-07 10:40 329,728 C:\WINDOWS\system32\netsetup.exe
2006-04-07 10:40 326,656 C:\WINDOWS\system32\cscui.dll
2006-04-07 10:40 323,584 C:\WINDOWS\system32\iedkcs32.dll
2006-04-07 10:40 32,768 C:\WINDOWS\system32\winipsec.dll
2006-04-07 10:40 32,768 C:\WINDOWS\system32\odbcad32.exe
2006-04-07 10:40 32,768 C:\WINDOWS\system32\mnmsrvc.exe
2006-04-07 10:40 32,768 C:\WINDOWS\system32\isrdbg32.dll
2006-04-07 10:40 32,768 C:\WINDOWS\system32\csrsrv.dll
2006-04-07 10:40 32,256 C:\WINDOWS\system32\wpnpinst.exe
2006-04-07 10:40 32,256 C:\WINDOWS\system32\wpabaln.exe
2006-04-07 10:40 319,517 C:\WINDOWS\system32\msexcl40.dll
2006-04-07 10:40 316,416 C:\WINDOWS\system32\untfs.dll
2006-04-07 10:40 315,423 C:\WINDOWS\system32\msrd3x40.dll
2006-04-07 10:40 313,856 C:\WINDOWS\system32\scesrv.dll
2006-04-07 10:40 31,744 C:\WINDOWS\system32\rtipxmib.dll
2006-04-07 10:40 31,232 C:\WINDOWS\system32\sethc.exe
2006-04-07 10:40 306,176 C:\WINDOWS\system32\slbcsp.dll
2006-04-07 10:40 304,128 C:\WINDOWS\system32\duser.dll
2006-04-07 10:40 303,616 C:\WINDOWS\system32\wmstream.dll
2006-04-07 10:40 30,749 C:\WINDOWS\system32\vbajet32.dll
2006-04-07 10:40 30,720 C:\WINDOWS\system32\xcopy.exe
2006-04-07 10:40 30,208 C:\WINDOWS\system32\mspatcha.dll
2006-04-07 10:40 30,208 C:\WINDOWS\system32\dplaysvr.exe
2006-04-07 10:40 30,208 C:\WINDOWS\system32\ddeshare.exe
2006-04-07 10:40 30,208 C:\WINDOWS\system32\atmlib.dll
2006-04-07 10:40 30,208 C:\WINDOWS\system32\asr_fmt.exe
2006-04-07 10:40 3,584 C:\WINDOWS\system32\msafd.dll
2006-04-07 10:40 3,584 C:\WINDOWS\system32\icmp.dll
2006-04-07 10:40 3,584 C:\WINDOWS\system32\dpnlobby.dll
2006-04-07 10:40 3,584 C:\WINDOWS\system32\dpnaddr.dll
2006-04-07 10:40 3,338 C:\WINDOWS\system32\redir.exe
2006-04-07 10:40 295,936 C:\WINDOWS\system32\kerberos.dll
2006-04-07 10:40 295,936 C:\WINDOWS\system32\appmgr.dll
2006-04-07 10:40 295,424 C:\WINDOWS\system32\termsrv.dll
2006-04-07 10:40 294,400 C:\WINDOWS\system32\msctf.dll
2006-04-07 10:40 291,840 C:\WINDOWS\system32\winsrv.dll
2006-04-07 10:40 290,816 C:\WINDOWS\system32\msnsspc.dll
2006-04-07 10:40 29,696 C:\WINDOWS\system32\safrdm.dll
2006-04-07 10:40 29,184 C:\WINDOWS\system32\sendcmsg.dll
2006-04-07 10:40 29,184 C:\WINDOWS\system32\mshta.exe
2006-04-07 10:40 289,792 C:\WINDOWS\system32\vssvc.exe
2006-04-07 10:40 285,696 C:\WINDOWS\system32\objsel.dll
2006-04-07 10:40 285,696 C:\WINDOWS\system32\atmfd.dll
2006-04-07 10:40 283,648 C:\WINDOWS\winhlp32.exe
2006-04-07 10:40 283,648 C:\WINDOWS\system32\pdh.dll
2006-04-07 10:40 282,624 C:\WINDOWS\system32\devmgr.dll
2006-04-07 10:40 280,064 C:\WINDOWS\system32\gdi32.dll
2006-04-07 10:40 28,672 C:\WINDOWS\system32\nmmkcert.dll
2006-04-07 10:40 28,672 C:\WINDOWS\system32\dmband.dll
2006-04-07 10:40 28,672 C:\WINDOWS\system32\dfsshlex.dll
2006-04-07 10:40 28,672 C:\WINDOWS\system32\dbnmpntw.dll
2006-04-07 10:40 28,672 C:\WINDOWS\system32\batmeter.dll
2006-04-07 10:40 279,040 C:\WINDOWS\system32\qdv.dll
2006-04-07 10:40 278,559 C:\WINDOWS\system32\odbcjt32.dll
2006-04-07 10:40 276,992 C:\WINDOWS\system32\comdlg32.dll
2006-04-07 10:40 276,480 C:\WINDOWS\system32\webcheck.dll
2006-04-07 10:40 275,456 C:\WINDOWS\system32\ulib.dll
2006-04-07 10:40 274,944 C:\WINDOWS\system32\mstask.dll
2006-04-07 10:40 274,432 C:\WINDOWS\system32\inetcfg.dll
2006-04-07 10:40 271,360 C:\WINDOWS\system32\msihnd.dll
2006-04-07 10:40 27,648 C:\WINDOWS\system32\shscrap.dll
2006-04-07 10:40 27,648 C:\WINDOWS\system32\profmap.dll
2006-04-07 10:40 27,648 C:\WINDOWS\system32\conime.exe
2006-04-07 10:40 27,136 C:\WINDOWS\system32\findstr.exe
2006-04-07 10:40 27,136 C:\WINDOWS\system32\ddrawex.dll
2006-04-07 10:40 266,752 C:\WINDOWS\system32\oakley.dll
2006-04-07 10:40 266,240 C:\WINDOWS\system32\ddraw.dll
2006-04-07 10:40 264,192 C:\WINDOWS\system32\wow32.dll
2006-04-07 10:40 263,680 C:\WINDOWS\system32\adsnt.dll
2006-04-07 10:40 26,624 C:\WINDOWS\system32\perfdisk.dll
2006-04-07 10:40 26,624 C:\WINDOWS\system32\efsadu.dll
2006-04-07 10:40 26,112 C:\WINDOWS\system32\vdmdbg.dll
2006-04-07 10:40 26,112 C:\WINDOWS\system32\skeys.exe
2006-04-07 10:40 259,584 C:\WINDOWS\system32\tracerpt.exe
2006-04-07 10:40 258,077 C:\WINDOWS\system32\mstext40.dll
2006-04-07 10:40 254,976 C:\WINDOWS\system32\icm32.dll
2006-04-07 10:40 252,928 C:\WINDOWS\system32\msoeacct.dll
2006-04-07 10:40 252,928 C:\WINDOWS\system32\compatui.dll
2006-04-07 10:40 251,392 C:\WINDOWS\system32\iepeers.dll
2006-04-07 10:40 25,600 C:\WINDOWS\system32\udhisapi.dll
2006-04-07 10:40 25,088 C:\WINDOWS\system32\slayerxp.dll
2006-04-07 10:40 25,088 C:\WINDOWS\system32\shfolder.dll
2006-04-07 10:40 25,088 C:\WINDOWS\system32\perfos.dll
2006-04-07 10:40 25,088 C:\WINDOWS\system32\mslbui.dll
2006-04-07 10:40 25,088 C:\WINDOWS\system32\defrag.exe
2006-04-07 10:40 25,088 C:\WINDOWS\system32\at.exe
2006-04-07 10:40 249,856 C:\WINDOWS\system32\odbc32.dll
2006-04-07 10:40 249,344 C:\WINDOWS\system32\tapisrv.dll
2006-04-07 10:40 248,832 C:\WINDOWS\system32\newdev.dll
2006-04-07 10:40 248,832 C:\WINDOWS\system32\msieftp.dll
2006-04-07 10:40 246,302 C:\WINDOWS\system32\strmdll.dll
2006-04-07 10:40 245,760 C:\WINDOWS\system32\netui1.dll
2006-04-07 10:40 245,248 C:\WINDOWS\system32\mswsock.dll
2006-04-07 10:40 241,693 C:\WINDOWS\system32\msjtes40.dll
2006-04-07 10:40 240,640 C:\WINDOWS\system32\mpg4dmod.dll
2006-04-07 10:40 24,576 C:\WINDOWS\system32\userinit.exe
2006-04-07 10:40 24,576 C:\WINDOWS\system32\odbcbcp.dll
2006-04-07 10:40 24,576 C:\WINDOWS\system32\dbmsrpcn.dll
2006-04-07 10:40 24,576 C:\WINDOWS\system32\davclnt.dll
2006-04-07 10:40 24,064 C:\WINDOWS\system32\pidgen.dll
2006-04-07 10:40 239,616 C:\WINDOWS\system32\upnpui.dll
2006-04-07 10:40 239,104 C:\WINDOWS\system32\dsquery.dll
2006-04-07 10:40 236,544 C:\WINDOWS\system32\rasapi32.dll
2006-04-07 10:40 23,552 C:\WINDOWS\system32\mciwave.dll
2006-04-07 10:40 23,552 C:\WINDOWS\system32\ipxroute.exe
2006-04-07 10:40 23,552 C:\WINDOWS\system32\dpmodemx.dll
2006-04-07 10:40 23,552 C:\WINDOWS\system32\dmserver.dll
2006-04-07 10:40 23,040 C:\WINDOWS\system32\setup.exe
2006-04-07 10:40 23,040 C:\WINDOWS\system32\psapi.dll
2006-04-07 10:40 23,040 C:\WINDOWS\system32\mciseq.dll
2006-04-07 10:40 23,040 C:\WINDOWS\system32\ersvc.dll
2006-04-07 10:40 229,888 C:\WINDOWS\system32\dplayx.dll
2006-04-07 10:40 229,376 C:\WINDOWS\system32\compstui.dll
2006-04-07 10:40 225,280 C:\WINDOWS\system32\mqoa.dll
2006-04-07 10:40 224,768 C:\WINDOWS\system32\dmadmin.exe
2006-04-07 10:40 221,696 C:\WINDOWS\system32\localsec.dll
2006-04-07 10:40 220,672 C:\WINDOWS\system32\logon.scr
2006-04-07 10:40 22,752 C:\WINDOWS\system32\spupdsvc.exe
2006-04-07 10:40 22,528 C:\WINDOWS\system32\wsock32.dll
2006-04-07 10:40 22,528 C:\WINDOWS\system32\mfcsubs.dll
2006-04-07 10:40 22,016 C:\WINDOWS\system32\lpk.dll
2006-04-07 10:40 22,016 C:\WINDOWS\system32\licmgr10.dll
2006-04-07 10:40 218,624 C:\WINDOWS\system32\uxtheme.dll
2006-04-07 10:40 216,576 C:\WINDOWS\system32\ieaksie.dll
2006-04-07 10:40 216,064 C:\WINDOWS\system32\moricons.dll
2006-04-07 10:40 215,552 C:\WINDOWS\system32\osk.exe
2006-04-07 10:40 213,023 C:\WINDOWS\system32\msltus40.dll
2006-04-07 10:40 212,480 C:\WINDOWS\system32\dpvoice.dll
2006-04-07 10:40 21,504 C:\WINDOWS\system32\rcp.exe
2006-04-07 10:40 21,504 C:\WINDOWS\system32\feclient.dll
2006-04-07 10:40 21,504 C:\WINDOWS\system32\dpvacm.dll
2006-04-07 10:40 207,360 C:\WINDOWS\system32\mobsync.dll
2006-04-07 10:40 206,336 C:\WINDOWS\system32\rasppp.dll
2006-04-07 10:40 205,312 C:\WINDOWS\system32\dxtrans.dll
2006-04-07 10:40 204,288 C:\WINDOWS\system32\mswebdvd.dll
2006-04-07 10:40 200,704 C:\WINDOWS\system32\dmdskmgr.dll
2006-04-07 10:40 200,192 C:\WINDOWS\system32\ir50_qc.dll
2006-04-07 10:40 20,992 C:\WINDOWS\system32\ssmarque.scr
2006-04-07 10:40 20,992 C:\WINDOWS\system32\sclgntfy.dll
2006-04-07 10:40 20,992 C:\WINDOWS\system32\hid.dll
2006-04-07 10:40 20,992 C:\WINDOWS\system32\fontview.exe
2006-04-07 10:40 20,511 C:\WINDOWS\system32\odtext32.dll
2006-04-07 10:40 20,511 C:\WINDOWS\system32\oddbse32.dll
2006-04-07 10:40 20,510 C:\WINDOWS\system32\odpdx32.dll
2006-04-07 10:40 20,510 C:\WINDOWS\system32\odfox32.dll
2006-04-07 10:40 20,510 C:\WINDOWS\system32\odexl32.dll
2006-04-07 10:40 20,480 C:\WINDOWS\system32\qprocess.exe
2006-04-07 10:40 20,480 C:\WINDOWS\system32\msorc32r.dll
2006-04-07 10:40 20,480 C:\WINDOWS\system32\cliconfg.exe
2006-04-07 10:40 2,890,240 C:\WINDOWS\system32\msi.dll
2006-04-07 10:40 2,135,552 C:\WINDOWS\system32\ntoskrnl.exe
2006-04-07 10:40 2,067,968 C:\WINDOWS\system32\cdosys.dll
2006-04-07 10:40 2,015,232 C:\WINDOWS\system32\ntkrnlpa.exe
2006-04-07 10:40 198,656 C:\WINDOWS\system32\gptext.dll
2006-04-07 10:40 197,632 C:\WINDOWS\system32\netman.dll
2006-04-07 10:40 195,072 C:\WINDOWS\system32\msutb.dll
2006-04-07 10:40 194,560 C:\WINDOWS\system32\certcli.dll
2006-04-07 10:40 194,048 C:\WINDOWS\system32\activeds.dll
2006-04-07 10:40 193,024 C:\WINDOWS\system32\eudcedit.exe
2006-04-07 10:40 192,512 C:\WINDOWS\system32\qcap.dll
2006-04-07 10:40 191,488 C:\WINDOWS\system32\syncui.dll
2006-04-07 10:40 190,976 C:\WINDOWS\system32\schedsvc.dll
2006-04-07 10:40 19,968 C:\WINDOWS\system32\wshtcpip.dll
2006-04-07 10:40 19,968 C:\WINDOWS\system32\ws2help.dll
2006-04-07 10:40 19,968 C:\WINDOWS\system32\ssbezier.scr
2006-04-07 10:40 19,968 C:\WINDOWS\system32\rdpsnd.dll
2006-04-07 10:40 19,968 C:\WINDOWS\system32\mqbkup.exe
2006-04-07 10:40 19,968 C:\WINDOWS\system32\linkinfo.dll
2006-04-07 10:40 19,456 C:\WINDOWS\system32\shutdown.exe
2006-04-07 10:40 19,456 C:\WINDOWS\system32\dswave.dll
2006-04-07 10:40 186,880 C:\WINDOWS\system32\mqtrig.dll
2006-04-07 10:40 185,344 C:\WINDOWS\system32\upnphost.dll
2006-04-07 10:40 185,344 C:\WINDOWS\system32\cmprops.dll
2006-04-07 10:40 183,808 C:\WINDOWS\system32\ir50_qcx.dll
2006-04-07 10:40 183,808 C:\WINDOWS\system32\accwiz.exe
2006-04-07 10:40 183,296 C:\WINDOWS\system32\els.dll
2006-04-07 10:40 182,784 C:\WINDOWS\system32\ipsecsvc.dll
2006-04-07 10:40 182,272 C:\WINDOWS\system32\snmpsnap.dll
2006-04-07 10:40 181,760 C:\WINDOWS\system32\tapi32.dll
2006-04-07 10:40 181,760 C:\WINDOWS\system32\dsdmo.dll
2006-04-07 10:40 181,760 C:\WINDOWS\system32\dinput8.dll
2006-04-07 10:40 181,248 C:\WINDOWS\system32\rasmans.dll
2006-04-07 10:40 181,248 C:\WINDOWS\system32\dmime.dll
2006-04-07 10:40 180,800 C:\WINDOWS\system32\sqlunirl.dll
2006-04-07 10:40 180,224 C:\WINDOWS\system32\scecli.dll
2006-04-07 10:40 180,224 C:\WINDOWS\system32\dwwin.exe
2006-04-07 10:40 18,944 C:\WINDOWS\system32\version.dll
2006-04-07 10:40 18,944 C:\WINDOWS\system32\ssmyst.scr
2006-04-07 10:40 18,944 C:\WINDOWS\system32\snmpapi.dll
2006-04-07 10:40 18,944 C:\WINDOWS\system32\seclogon.dll
2006-04-07 10:40 18,944 C:\WINDOWS\system32\rsmps.dll
2006-04-07 10:40 18,944 C:\WINDOWS\system32\qmgrprxy.dll
2006-04-07 10:40 18,944 C:\WINDOWS\system32\nddenb32.dll
2006-04-07 10:40 18,944 C:\WINDOWS\system32\midimap.dll
2006-04-07 10:40 18,432 C:\WINDOWS\system32\wtsapi3

#10 Dober

Dober
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:06:07 PM

Posted 03 July 2006 - 03:20 PM

2006-04-07 10:40 18,432 C:\WINDOWS\system32\ups.exe
2006-04-07 10:40 18,432 C:\WINDOWS\system32\secedit.exe
2006-04-07 10:40 18,432 C:\WINDOWS\system32\dpnsvr.exe
2006-04-07 10:40 179,712 C:\WINDOWS\system32\ntmsdba.dll
2006-04-07 10:40 177,152 C:\WINDOWS\system32\mqrt.dll
2006-04-07 10:40 176,640 C:\WINDOWS\system32\wintrust.dll
2006-04-07 10:40 176,128 C:\WINDOWS\system32\winmm.dll
2006-04-07 10:40 176,128 C:\WINDOWS\system32\photowiz.dll
2006-04-07 10:40 175,616 C:\WINDOWS\system32\adsldp.dll
2006-04-07 10:40 174,592 C:\WINDOWS\system32\w32time.dll
2006-04-07 10:40 174,200 C:\WINDOWS\system32\xenroll.dll
2006-04-07 10:40 172,032 C:\WINDOWS\system32\wldap32.dll
2006-04-07 10:40 171,008 C:\WINDOWS\system32\sccsccp.dll
2006-04-07 10:40 170,496 C:\WINDOWS\system32\srsvc.dll
2006-04-07 10:40 17,920 C:\WINDOWS\system32\ping.exe
2006-04-07 10:40 17,920 C:\WINDOWS\system32\nddeapi.dll
2006-04-07 10:40 17,920 C:\WINDOWS\system32\dvdupgrd.exe
2006-04-07 10:40 17,664 C:\WINDOWS\system32\watchdog.sys
2006-04-07 10:40 17,408 C:\WINDOWS\system32\powrprof.dll
2006-04-07 10:40 17,408 C:\WINDOWS\system32\msyuv.dll
2006-04-07 10:40 17,408 C:\WINDOWS\system32\mmfutil.dll
2006-04-07 10:40 17,408 C:\WINDOWS\system32\bidispl.dll
2006-04-07 10:40 17,408 C:\WINDOWS\system32\alrsvc.dll
2006-04-07 10:40 169,984 C:\WINDOWS\system32\sccbase.dll
2006-04-07 10:40 167,936 C:\WINDOWS\system32\appmgmts.dll
2006-04-07 10:40 163,840 C:\WINDOWS\system32\diskpart.exe
2006-04-07 10:40 163,840 C:\WINDOWS\system32\credui.dll
2006-04-07 10:40 16,896 C:\WINDOWS\system32\winrnr.dll
2006-04-07 10:40 16,896 C:\WINDOWS\system32\usbmon.dll
2006-04-07 10:40 16,896 C:\WINDOWS\system32\upnpcont.exe
2006-04-07 10:40 16,896 C:\WINDOWS\system32\rassapi.dll
2006-04-07 10:40 16,896 C:\WINDOWS\system32\mqise.dll
2006-04-07 10:40 16,896 C:\WINDOWS\system32\cfgmgr32.dll
2006-04-07 10:40 16,384 C:\WINDOWS\system32\odbc32gt.dll
2006-04-07 10:40 16,384 C:\WINDOWS\system32\jsproxy.dll
2006-04-07 10:40 16,384 C:\WINDOWS\system32\ds32gt.dll
2006-04-07 10:40 159,232 C:\WINDOWS\system32\msimtf.dll
2006-04-07 10:40 159,232 C:\WINDOWS\system32\dinput.dll
2006-04-07 10:40 153,600 C:\WINDOWS\system32\modemui.dll
2006-04-07 10:40 152,576 C:\WINDOWS\system32\rsaenh.dll
2006-04-07 10:40 151,583 C:\WINDOWS\system32\msjint40.dll
2006-04-07 10:40 151,552 C:\WINDOWS\system32\msdart.dll
2006-04-07 10:40 151,040 C:\WINDOWS\system32\cdfview.dll
2006-04-07 10:40 150,528 C:\WINDOWS\system32\keymgr.dll
2006-04-07 10:40 150,016 C:\WINDOWS\system32\imapi.exe
2006-04-07 10:40 15,872 C:\WINDOWS\system32\perfmon.exe
2006-04-07 10:40 15,872 C:\WINDOWS\system32\inetppui.dll
2006-04-07 10:40 15,872 C:\WINDOWS\system32\dmremote.exe
2006-04-07 10:40 15,872 C:\WINDOWS\system32\cmcfg32.dll
2006-04-07 10:40 15,360 C:\WINDOWS\system32\pjlmon.dll
2006-04-07 10:40 15,360 C:\WINDOWS\system32\msisip.dll
2006-04-07 10:40 15,360 C:\WINDOWS\system32\ctfmon.exe
2006-04-07 10:40 148,480 C:\WINDOWS\system32\dnsapi.dll
2006-04-07 10:40 147,968 C:\WINDOWS\system32\rdchost.dll
2006-04-07 10:40 147,456 C:\WINDOWS\system32\odbctrac.dll
2006-04-07 10:40 147,456 C:\WINDOWS\system32\initpki.dll
2006-04-07 10:40 146,432 C:\WINDOWS\system32\msrating.dll
2006-04-07 10:40 146,432 C:\WINDOWS\regedit.exe
2006-04-07 10:40 144,896 C:\WINDOWS\system32\schannel.dll
2006-04-07 10:40 144,896 C:\WINDOWS\system32\hotplug.dll
2006-04-07 10:40 144,384 C:\WINDOWS\system32\nwprovau.dll
2006-04-07 10:40 144,384 C:\WINDOWS\system32\imagehlp.dll
2006-04-07 10:40 143,872 C:\WINDOWS\system32\ntshrui.dll
2006-04-07 10:40 143,360 C:\WINDOWS\system32\msorcl32.dll
2006-04-07 10:40 143,360 C:\WINDOWS\system32\mobsync.exe
2006-04-07 10:40 143,360 C:\WINDOWS\system32\adsldpc.dll
2006-04-07 10:40 142,336 C:\WINDOWS\system32\dsprop.dll
2006-04-07 10:40 140,800 C:\WINDOWS\system32\sessmgr.exe
2006-04-07 10:40 140,288 C:\WINDOWS\system32\sfc_os.dll
2006-04-07 10:40 14,848 C:\WINDOWS\system32\tcpmib.dll
2006-04-07 10:40 14,848 C:\WINDOWS\system32\stimon.exe
2006-04-07 10:40 14,848 C:\WINDOWS\system32\rsh.exe
2006-04-07 10:40 14,848 C:\WINDOWS\system32\mgmtapi.dll
2006-04-07 10:40 14,848 C:\WINDOWS\system32\mcastmib.dll
2006-04-07 10:40 14,336 C:\WINDOWS\system32\wship6.dll
2006-04-07 10:40 14,336 C:\WINDOWS\system32\svchost.exe
2006-04-07 10:40 14,336 C:\WINDOWS\system32\ssstars.scr
2006-04-07 10:40 14,336 C:\WINDOWS\system32\runonce.exe
2006-04-07 10:40 14,336 C:\WINDOWS\system32\msdmo.dll
2006-04-07 10:40 14,336 C:\WINDOWS\system32\drprov.dll
2006-04-07 10:40 139,264 C:\WINDOWS\system32\netid.dll
2006-04-07 10:40 139,264 C:\WINDOWS\system32\ieakeng.dll
2006-04-07 10:40 138,240 C:\WINDOWS\system32\mqad.dll
2006-04-07 10:40 137,216 C:\WINDOWS\system32\dssenh.dll
2006-04-07 10:40 136,704 C:\WINDOWS\system32\sti_ci.dll
2006-04-07 10:40 135,680 C:\WINDOWS\system32\webvw.dll
2006-04-07 10:40 135,680 C:\WINDOWS\system32\taskmgr.exe
2006-04-07 10:40 135,680 C:\WINDOWS\system32\ifmon.dll
2006-04-07 10:40 135,168 C:\WINDOWS\system32\odbcconf.dll
2006-04-07 10:40 134,656 C:\WINDOWS\system32\shsvcs.dll
2006-04-07 10:40 134,400 C:\WINDOWS\system32\HAL.DLL
2006-04-07 10:40 132,608 C:\WINDOWS\system32\upnp.dll
2006-04-07 10:40 132,096 C:\WINDOWS\system32\wkssvc.dll
2006-04-07 10:40 131,584 C:\WINDOWS\system32\sndrec32.exe
2006-04-07 10:40 13,824 C:\WINDOWS\system32\uniplat.dll
2006-04-07 10:40 13,824 C:\WINDOWS\system32\rexec.exe
2006-04-07 10:40 13,824 C:\WINDOWS\system32\rdsaddin.exe
2006-04-07 10:40 13,824 C:\WINDOWS\system32\lmhsvc.dll
2006-04-07 10:40 13,312 C:\WINDOWS\system32\sigtab.dll
2006-04-07 10:40 13,312 C:\WINDOWS\system32\savedump.exe
2006-04-07 10:40 13,312 C:\WINDOWS\system32\lsass.exe
2006-04-07 10:40 129,536 C:\WINDOWS\system32\msv1_0.dll
2006-04-07 10:40 126,976 C:\WINDOWS\system32\apphelp.dll
2006-04-07 10:40 124,928 C:\WINDOWS\system32\net1.exe
2006-04-07 10:40 124,416 C:\WINDOWS\system32\wiadss.dll
2006-04-07 10:40 123,904 C:\WINDOWS\system32\dfrgui.dll
2006-04-07 10:40 123,392 C:\WINDOWS\system32\umpnpmgr.dll
2006-04-07 10:40 123,392 C:\WINDOWS\system32\mqrtdep.dll
2006-04-07 10:40 123,392 C:\WINDOWS\system32\mplay32.exe
2006-04-07 10:40 123,392 C:\WINDOWS\system32\input.dll
2006-04-07 10:40 122,880 C:\WINDOWS\system32\glu32.dll
2006-04-07 10:40 121,856 C:\WINDOWS\system32\stobject.dll
2006-04-07 10:40 121,856 C:\WINDOWS\system32\schtasks.exe
2006-04-07 10:40 120,832 C:\WINDOWS\system32\offfilt.dll
2006-04-07 10:40 120,832 C:\WINDOWS\system32\msvfw32.dll
2006-04-07 10:40 120,832 C:\WINDOWS\system32\idq.dll
2006-04-07 10:40 120,320 C:\WINDOWS\system32\ir41_qc.dll
2006-04-07 10:40 12,288 C:\WINDOWS\system32\tracert.exe
2006-04-07 10:40 12,288 C:\WINDOWS\system32\odbcp32r.dll
2006-04-07 10:40 12,288 C:\WINDOWS\system32\netrap.dll
2006-04-07 10:40 12,288 C:\WINDOWS\system32\mstinit.exe
2006-04-07 10:40 12,288 C:\WINDOWS\system32\mscpx32r.dll
2006-04-07 10:40 12,168 C:\WINDOWS\system32\tsddd.dll
2006-04-07 10:40 119,808 C:\WINDOWS\system32\iasrad.dll
2006-04-07 10:40 119,808 C:\WINDOWS\system32\gpresult.exe
2006-04-07 10:40 118,784 C:\WINDOWS\system32\ntmarta.dll
2006-04-07 10:40 118,272 C:\WINDOWS\system32\t2embed.dll
2006-04-07 10:40 118,272 C:\WINDOWS\system32\mdminst.dll
2006-04-07 10:40 117,248 C:\WINDOWS\system32\mqtgsvc.exe
2006-04-07 10:40 116,736 C:\WINDOWS\system32\dpvvox.dll
2006-04-07 10:40 115,712 C:\WINDOWS\system32\mstlsapi.dll
2006-04-07 10:40 115,200 C:\WINDOWS\system32\wmsdmoe.dll
2006-04-07 10:40 114,688 C:\WINDOWS\system32\iexpress.exe
2006-04-07 10:40 114,688 C:\WINDOWS\system32\aclui.dll
2006-04-07 10:40 113,152 C:\WINDOWS\system32\dsuiext.dll
2006-04-07 10:40 112,128 C:\WINDOWS\system32\rastls.dll
2006-04-07 10:40 111,104 C:\WINDOWS\system32\wiavideo.dll
2006-04-07 10:40 111,104 C:\WINDOWS\system32\netdde.exe
2006-04-07 10:40 111,104 C:\WINDOWS\system32\dhcpcsvc.dll
2006-04-07 10:40 111,104 C:\WINDOWS\system32\dgnet.dll
2006-04-07 10:40 110,592 C:\WINDOWS\system32\dbnetlib.dll
2006-04-07 10:40 110,080 C:\WINDOWS\system32\imm32.dll
2006-04-07 10:40 11,776 C:\WINDOWS\system32\xolehlp.dll
2006-04-07 10:40 11,776 C:\WINDOWS\system32\wshrm.dll
2006-04-07 10:40 11,776 C:\WINDOWS\system32\regsvr32.exe
2006-04-07 10:40 11,776 C:\WINDOWS\system32\localui.dll
2006-04-07 10:40 11,264 C:\WINDOWS\system32\msrle32.dll
2006-04-07 10:40 11,264 C:\WINDOWS\system32\icaapi.dll
2006-04-07 10:40 11,264 C:\WINDOWS\system32\autolfn.exe
2006-04-07 10:40 11,264 C:\WINDOWS\system32\atmadm.exe
2006-04-07 10:40 109,568 C:\WINDOWS\system32\progman.exe
2006-04-07 10:40 108,032 C:\WINDOWS\system32\services.exe
2006-04-07 10:40 107,520 C:\WINDOWS\system32\rsnotify.exe
2006-04-07 10:40 107,008 C:\WINDOWS\system32\oleprn.dll
2006-04-07 10:40 106,496 C:\WINDOWS\system32\odbccp32.dll
2006-04-07 10:40 105,984 C:\WINDOWS\system32\sysocmgr.exe
2006-04-07 10:40 105,984 C:\WINDOWS\system32\msoert2.dll
2006-04-07 10:40 105,984 C:\WINDOWS\system32\dmstyle.dll
2006-04-07 10:40 105,472 C:\WINDOWS\system32\polstore.dll
2006-04-07 10:40 104,960 C:\WINDOWS\system32\dfrgntfs.exe
2006-04-07 10:40 104,448 C:\WINDOWS\system32\dmusic.dll
2006-04-07 10:40 103,936 C:\WINDOWS\system32\nlhtml.dll
2006-04-07 10:40 103,424 C:\WINDOWS\system32\dmsynth.dll
2006-04-07 10:40 102,912 C:\WINDOWS\system32\clipbrd.exe
2006-04-07 10:40 102,400 C:\WINDOWS\system32\rcbdyctl.dll
2006-04-07 10:40 101,888 C:\WINDOWS\system32\win32spl.dll
2006-04-07 10:40 101,888 C:\WINDOWS\system32\cscdll.dll
2006-04-07 10:40 101,888 C:\WINDOWS\system32\actxprxy.dll
2006-04-07 10:40 100,352 C:\WINDOWS\system32\6to4svc.dll
2006-04-07 10:40 10,752 C:\WINDOWS\system32\dumprep.exe
2006-04-07 10:40 10,240 C:\WINDOWS\system32\lprhelp.dll
2006-04-07 10:40 1,839,488 C:\WINDOWS\system32\win32k.sys
2006-04-07 10:40 1,708,032 C:\WINDOWS\system32\netshell.dll
2006-04-07 10:40 1,580,544 C:\WINDOWS\system32\sfcfiles.dll
2006-04-07 10:40 1,507,356 C:\WINDOWS\system32\msjet40.dll
2006-04-07 10:40 1,435,648 C:\WINDOWS\system32\query.dll
2006-04-07 10:40 1,428,480 C:\WINDOWS\system32\msvidctl.dll
2006-04-07 10:40 1,392,671 C:\WINDOWS\system32\msvbvm60.dll
2006-04-07 10:40 1,298,432 C:\WINDOWS\system32\dxdiag.exe
2006-04-07 10:40 1,294,336 C:\WINDOWS\system32\dsound3d.dll
2006-04-07 10:40 1,287,168 C:\WINDOWS\system32\quartz.dll
2006-04-07 10:40 1,236,480 C:\WINDOWS\system32\msxml3.dll
2006-04-07 10:40 1,227,264 C:\WINDOWS\system32\dx8vb.dll
2006-04-07 10:40 1,200,128 C:\WINDOWS\system32\ntbackup.exe
2006-04-07 10:40 1,192,960 C:\WINDOWS\system32\mmcndmgr.dll
2006-04-07 10:40 1,179,648 C:\WINDOWS\system32\d3d8.dll
2006-04-07 10:40 1,082,368 C:\WINDOWS\system32\esent.dll
2006-04-07 10:40 1,054,208 C:\WINDOWS\system32\danim.dll
2006-04-07 10:40 1,032,192 C:\WINDOWS\explorer.exe
2006-04-07 10:40 1,028,096 C:\WINDOWS\system32\mfc42.dll
2006-04-07 10:40 1,024,000 C:\WINDOWS\system32\mfc42u.dll
2006-04-07 10:28 176,128 C:\WINDOWS\system32\nvudisp.exe
2006-04-07 10:14 13,536 C:\WINDOWS\system32\spmsg.dll
2006-04-07 10:10 465,176 C:\WINDOWS\system32\wuapi.dll
2006-04-07 10:10 41,240 C:\WINDOWS\system32\wups.dll
2006-04-07 10:10 194,328 C:\WINDOWS\system32\wuaueng1.dll
2006-04-07 10:10 18,200 C:\WINDOWS\system32\wups2.dll
2006-04-07 10:10 172,312 C:\WINDOWS\system32\wuauclt1.exe
2006-04-07 10:10 127,256 C:\WINDOWS\system32\wucltui.dll


((((((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe"
"SoundMan"="SOUNDMAN.EXE"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"NWEReboot"=""
"NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\System32\\NvMcTray.dll,NvTaskbarInit"
"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"MessengerPlus3"="\"C:\\Program Files\\MessengerPlus! 3\\MsgPlus.exe\""
"Logitech Utility"="Logi_MwX.Exe"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"win32064509-39979"="C:\\WINDOWS\\win32064509-39979.exe"
"!ewido"="\"C:\\Program Files\\ewido anti-spyware 4.0\\ewido.exe\" /minimized"
"SurfSideKick 3"="C:\\Program Files\\SurfSideKick 3\\Ssk.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"LDM"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\BackWeb-8876480.exe"
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"C:\\Program Files\\Common Files\\Ahead\\lib\\NMBgMonitor.exe\""
"TClock.exe"="C:\\Program Files\\TClock\\tclock_install.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=dword:00000000

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="C:\\Program Files\\Messenger\\kycec.html"
"SubscribedURL"=""
"FriendlyName"=""
"Flags"=dword:00002000
"Position"=hex:2c,00,00,00,64,00,00,00,64,00,00,00,58,02,00,00,c8,00,00,00,e8,\
03,00,00,00,00,00,00,00,00,00,00,00,00,00,00,14,00,00,00,14,00,00,00
"CurrentState"=hex:01,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,64,00,00,00,64,00,00,00,58,02,00,00,c8,00,\
00,00,01,00,00,00
"RestoredStateInfo"=hex:00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\1]
"Source"="C:\\Program Files\\Windows NT\\hozyzez.html"
"SubscribedURL"=""
"FriendlyName"=""
"Flags"=dword:00002000
"Position"=hex:2c,00,00,00,64,00,00,00,64,00,00,00,58,02,00,00,c8,00,00,00,ea,\
03,00,00,00,00,00,00,00,00,00,00,00,00,00,00,14,00,00,00,14,00,00,00
"CurrentState"=hex:01,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,64,00,00,00,64,00,00,00,58,02,00,00,c8,00,\
00,00,01,00,00,00
"RestoredStateInfo"=hex:00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\2]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,e2,03,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="ewido anti-spyware 4.0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Brad^Start Menu^Programs^Startup^XFX Game Controller.lnk]
"path"="C:\\Documents and Settings\\Brad\\Start Menu\\Programs\\Startup\\XFX Game Controller.lnk"
"backup"="C:\\WINDOWS\\pss\\XFX Game Controller.lnkStartup"
"location"="Startup"
"command"="C:\\Documents and Settings\\Brad\\Application Data\\Microsoft\\Installer\\{C843A6E6-5B4E-4F36-9F1A-10187070D3DA}\\XFXController.exe1_C843A6E65B4E4F369F1A10187070D3DA.exe "
"item"="XFX Game Controller"

HKEY_LOCAL_MACHINE\system\controlset001\control\safeboot\minimal\vds
HKEY_LOCAL_MACHINE\system\controlset001\control\safeboot\minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}
HKEY_LOCAL_MACHINE\system\controlset003\control\safeboot\minimal\vds
HKEY_LOCAL_MACHINE\system\controlset003\control\safeboot\minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}


Contents of the 'Scheduled Tasks' folder

Completion time: Mon 07/03/2006 14:57:30.87
ComboFix ver 06.07.01 - This logfile is located at C:\ComboFix.txt

ComboFix.2006-06-30.190305.txt
ComboFix.2006-07-03.145725.txt

Thanks again for all the help you have been!
Dober

#11 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:01:07 AM

Posted 03 July 2006 - 03:31 PM

Hello,

Alright, the only reason I haven't gotten an antivirus or firewall yet is because I'm trying to use the computer as little as possible untill all viruses/malwares/etc. are gone. Also, I don't know which one of the 3 choices you gave to pick.


Do you know why an antivirus and firewall is needed? To get rid of all malware. That's why I really want you to install them, because it really doesn't make any sense that I give you instructions how to delete things if it will be reinstalled again, because nothing is preventing it.
And that is what happened, you got reinfected.
If you don't know which one to choose, install Avira Antivirus and Kerio as a firewall.

Ok, we have to start again...

I also see you forgot this step previously:

* Go to start > control panel > Display properties > Desktop > Customize Desktop... > Web tab
Uncheck and delete everything you find in there. (except for "My current home page")


So please perform this first.

Then,

* Start HijackThis, close all open windows leaving only HijackThis running. Place a check against each of the following:

O2 - BHO: Yvakt Class - {AE0ECC2F-0C33-494C-8B22-B57A7763027F} - C:\WINDOWS\system32\x3cqp0.dll (file missing)
O4 - HKLM\..\Run: [win32064509-39979] C:\WINDOWS\win32064509-39979.exe
O4 - HKLM\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O4 - HKCU\..\Run: [TClock.exe] C:\Program Files\TClock\tclock_install.exe


* Click on Fix Checked when finished and exit HijackThis.
Make sure your Internet Explorer is closed when you click Fix Checked!

Delete next files and folders:

C:\Program Files\SurfSideKick 3 <== folder
C:\WINDOWS\bwUnin-6.1.4.61-8876480L.exe
C:\WINDOWS\win32064509-39979.exe
C:\WINDOWS\win32064509-399792006.exe
C:\WINDOWS\ms04794509-3992006.exe
C:\Program Files\Common Files\T?sks <== this folder, will most probably look like tasks. Make sure you don't delete the tasks folder anywhere else! The one you have to delete, when you rightclick it and choose properties, the date should be: 2006-06-28 17:33:10

If you are having problems with deleting some, try it in safe mode.

* Perform an onlinescan with panda: (please use this scanner instead of any other scanner!)
Panda Online
- Once you are on the Panda site click the Scan your PC button
- A new window will open...click the Check Now button
- Enter your Country
- Enter your State/Province
- Enter your e-mail address and click send
- Select either Home User or Company
- Click the big Scan Now button
- If it wants to install an ActiveX component allow it
- It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
- When download is complete, click on Local Disks to start the scan
- When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location.
Post the contents of the Panda scan report together with a new hijackthislog together with a new hijackthislog.
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#12 Dober

Dober
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:06:07 PM

Posted 04 July 2006 - 03:17 PM

Okay,
So here's the log files:

Incident Status Location

Spyware:Cookie/adultfriendfinder Not disinfected C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\jkmel3h7.default\cookies.txt[.adultfriendfinder.com/]
Spyware:Cookie/Sextracker Not disinfected C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\jkmel3h7.default\cookies.txt[.sextracker.com/]
Spyware:Cookie/cs.sexcounter Not disinfected C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\jkmel3h7.default\cookies.txt[.cs.sexcounter.com/]
Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\jkmel3h7.default\cookies.txt[.bluestreak.com/]
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\jkmel3h7.default\cookies.txt[.doubleclick.net/]
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\jkmel3h7.default\cookies.txt[.atdmt.com/]
Spyware:Cookie/bravenetA Not disinfected C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\jkmel3h7.default\cookies.txt[.bravenet.com/]
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Brad\Application Data\Mozilla\Firefox\Profiles\jkmel3h7.default\cookies.txt[.statcounter.com/]
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Brad\Cookies\brad@ad.yieldmanager[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Brad\Cookies\brad@belnk[1].txt
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Brad\Cookies\brad@burstnet[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Brad\Cookies\brad@dist.belnk[2].txt
Potentially unwanted tool:Application/Poliphonic Not disinfected C:\Documents and Settings\Brad\Desktop\Installers\Ringtones + Polyphonic Wizard v2.3.3\Polyphonic Tones.part01.rar[Polyphonic Tones\Polyphonic Tones\Coding Workshop Polyphonic Wizard v2.3.3\Coding Workshop Polyphonic Wizard v2.3.3\Crack\cwpolywz.exe]
Potentially unwanted tool:Application/KillApp.B Not disinfected C:\Documents and Settings\Brad\Desktop\Installers\xampp-win32-1.4.2-installer.exe[kill.exe]
Adware:Adware/CommAd Not disinfected C:\WINDOWS\QnJhZCBEb2Jlcg\kBL1tF1HvZL5w0.vbs

Logfile of HijackThis v1.99.1
Scan saved at 3:15:03 PM, on 7/4/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Kerio\Personal Firewall\persfw.exe
C:\Program Files\HijackThis 1.99.1\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1144422573946
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B0D5005F-B493-426C-A066-8243F4466A72}: NameServer = 216.114.28.3,64.83.160.45
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Kerio Personal Firewall (PersFw) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall\persfw.exe

Sorry about not installing an antivirus program or firewall, but I have them now. (I also did delete the stuff in the custom desktop. They must've came back, but they're gone now)
Thanks Again,
Dober

#13 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:01:07 AM

Posted 05 July 2006 - 12:21 AM

Now we finally made progress. :thumbsup:

Your hijackthislog looks clean again.

Delete next file and folder:

C:\Documents and Settings\Brad\Desktop\Installers\Ringtones + Polyphonic Wizard v2.3.3\Polyphonic Tones.part01.rar
C:\WINDOWS\QnJhZCBEb2Jlcg == folder, this is a hidden folder, so make sure hidden files and folders are shown.

Let me know in your next reply how things are running now. :flowers:
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#14 Dober

Dober
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:06:07 PM

Posted 06 July 2006 - 12:52 AM

Hello,

Everything seems to be running smoothly. Thank you soo much! I'll have to refer you to anyone I know who gets a virus they can't solve! I don't know what I would've done without you. If anything comes up again, I'll just reply to this, or start a new topic, but I doubt I'll need to!

Thanks again,
Dober

#15 miekiemoes

miekiemoes

    Malware Killer Dog


  • Malware Response Team
  • 19,420 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Belgium
  • Local time:01:07 AM

Posted 06 July 2006 - 01:12 AM

Glad I could help. :thumbsup:

To keep this clean in the future, I would suggest the following things:

Install Spywareblaster
SpywareBlaster doesn`t scan and clean for so-called spyware, but prevents it from being installed in the first place. It blocks the popular spyware ActiveX controls, and also prevents the installation of any of them via a webpage.

* Avoid illegal sites, because that's where most malware is present.
* Don't click on links inside popups.
* Don't click on links in spam messages claiming to offer anti-spyware software; because most of these so called removers ARE spyware.
* Download free software only from sites you know and trust. Because a lot of free software can bundle other software, including spyware.

Let your antispywarescanner(s) scan frequently and don't forget to update before.

And I do suggest you perform an online virusscan once in a while. (Housecall and/or Bitdefender). Because what one virusscanner can't find another one maybe can.
Also make sure that your virusscanner, the one that is installed on your system is always up to date!

Make sure your windows has the latest updates: http://windowsupdate.microsoft.com/

If you are having XP SP2, read here how to configure Security Features for Internet Explorer:
http://www.microsoft.com/technet/security/...xp/iesecxp.mspx

Also visit this Free Online Scanner for PC Health and Safety and Microsoft Security At Home for tips to Protect your Pc, Protect yourself and Protect your Family.

More info on how to prevent malware you can also find here (By Tony Klein)
and here: http://wiki.castlecops.com/Malware_Prevent...nt_Re-infection

If you want to fight back the Malware Writers that have made your life a misery, please take a look here.

Happy surfing again! :flowers:
AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow---My Blog---Follow me on Twitter.
My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users